Lucene search

[email protected]CVE-2012-2004

HistoryMay 02, 2012 - 10:55 p.m.

CVE-2012-2004

2012-05-0222:55:02

CWE-20

[email protected]

web.nvd.nist.gov

cve-2012-2004

open redirect

hp insight management agents

windows server

remote attackers

phishing attacks

8.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:C/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

NVD

Node

hpinsight_management_agentsRange≤8.70.0.0b

hpinsight_management_agentsMatch6.30.0.0

hpinsight_management_agentsMatch6.31.0.0b

hpinsight_management_agentsMatch6.40.0.0

hpinsight_management_agentsMatch7.0.0.0

hpinsight_management_agentsMatch7.10.0.0

hpinsight_management_agentsMatch7.20.0.0

hpinsight_management_agentsMatch7.30.0.0

hpinsight_management_agentsMatch7.40.0.0

hpinsight_management_agentsMatch7.40.1.0

hpinsight_management_agentsMatch7.41.0.0

hpinsight_management_agentsMatch7.50.0.0

hpinsight_management_agentsMatch7.51.0.0

hpinsight_management_agentsMatch7.60.0.0

hpinsight_management_agentsMatch7.70.0.0

hpinsight_management_agentsMatch7.80.0.0

hpinsight_management_agentsMatch7.90.0.0

hpinsight_management_agentsMatch7.91.0.0

hpinsight_management_agentsMatch7.95.0.0

hpinsight_management_agentsMatch8.0.0.0

hpinsight_management_agentsMatch8.1.0.0

hpinsight_management_agentsMatch8.5

hpinsight_management_agentsMatch8.10.0.0

hpinsight_management_agentsMatch8.11.0.0

hpinsight_management_agentsMatch8.15.0.0

hpinsight_management_agentsMatch8.20.0.0

hpinsight_management_agentsMatch8.22.0.0

hpinsight_management_agentsMatch8.26.0.0

hpinsight_management_agentsMatch8.30.0.0

hpinsight_management_agentsMatch8.40.0.0

hpinsight_management_agentsMatch8.50.0.0

hpinsight_management_agentsMatch8.60.0.0

hpinsight_management_agentsMatch8.70.0.0

AND

microsoftwindows_2003_server

microsoftwindows_server_2003

microsoftwindows_server_2008Match-

microsoftwindows_server_2008Match-x64

CPENameOperatorVersion
hp:insight_management_agentshp insight management agentsle8.70.0.0
hp:insight_management_agentshp insight management agentseq6.30.0.0
hp:insight_management_agentshp insight management agentseq6.31.0.0
hp:insight_management_agentshp insight management agentseq6.40.0.0
hp:insight_management_agentshp insight management agentseq7.0.0.0
hp:insight_management_agentshp insight management agentseq7.10.0.0
hp:insight_management_agentshp insight management agentseq7.20.0.0
hp:insight_management_agentshp insight management agentseq7.30.0.0
hp:insight_management_agentshp insight management agentseq7.40.0.0
hp:insight_management_agentshp insight management agentseq7.40.1.0

CPE	Name	Operator	Version
hp:insight_management_agents	hp insight management agents	le	8.70.0.0
hp:insight_management_agents	hp insight management agents	eq	6.30.0.0
hp:insight_management_agents	hp insight management agents	eq	6.31.0.0
hp:insight_management_agents	hp insight management agents	eq	6.40.0.0
hp:insight_management_agents	hp insight management agents	eq	7.0.0.0
hp:insight_management_agents	hp insight management agents	eq	7.10.0.0
hp:insight_management_agents	hp insight management agents	eq	7.20.0.0
hp:insight_management_agents	hp insight management agents	eq	7.30.0.0
hp:insight_management_agents	hp insight management agents	eq	7.40.0.0
hp:insight_management_agents	hp insight management agents	eq	7.40.1.0

Rows per page:

1-10 of 321

References

osvdb.org/81667

secunia.com/advisories/49054

www.securityfocus.com/archive/1/522548

www.securityfocus.com/bid/53341

www.securitytracker.com/id?1027003

exchange.xforce.ibmcloud.com/vulnerabilities/75313

8.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:C/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2012-2004

prion1 cvelist1 nvd1 nessus1 securityvulns2