CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.7%
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | sitescope | 10.11 | cpe:2.3:a:hp:sitescope:10.11:*:*:*:*:*:*:* |
hp | sitescope | 10.13 | cpe:2.3:a:hp:sitescope:10.13:*:*:*:*:*:*:* |
hp | sitescope | 11.01 | cpe:2.3:a:hp:sitescope:11.01:*:*:*:*:*:*:* |
hp | sitescope | 11.1 | cpe:2.3:a:hp:sitescope:11.1:*:*:*:*:*:*:* |
hp | sitescope | 11.10 | cpe:2.3:a:hp:sitescope:11.10:*:*:*:*:*:*:* |
hp | sitescope | 11.11 | cpe:2.3:a:hp:sitescope:11.11:*:*:*:*:*:*:* |
hp | sitescope | 11.12 | cpe:2.3:a:hp:sitescope:11.12:*:*:*:*:*:*:* |
hp | sitescope | 11.20 | cpe:2.3:a:hp:sitescope:11.20:*:*:*:*:*:*:* |
hp | sitescope | 11.21 | cpe:2.3:a:hp:sitescope:11.21:*:*:*:*:*:*:* |