Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3575
cve-2013-3575
hp insight diagnostics
remote code execution
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
77.1%
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
Affected configurations
Node
hpinsight_diagnosticsMatch9.4.0.4710
| CPE | Name | Operator | Version |
|---|---|---|---|
| hp:insight_diagnostics | hp insight diagnostics | eq | 9.4.0.4710 |
References
Related
prion
prion
Hardcoded credentials
2013-06-14 13:07:00
nvd
nvd
CVE-2013-3575
2013-06-14 13:07:29
cvelist
cvelist
CVE-2013-3575
2022-10-03 16:14:46
cert
cert
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-10 00:00:00
kaspersky
kaspersky
KLA10188 Multiple vulnerabilities in HP Insight Diagnostics
2013-06-14 00:00:00
attackerkb
attackerkb
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
2013-06-14 00:00:00
threatpost
threatpost
Three Vulnerabilities Exist in HP's Insight Diagnostics
2013-06-10 13:47:25
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
77.1%
Related for CVE-2013-3575