Lucene search
HpCVE-2013-4835HistoryNov 04, 2013 - 4:55 p.m.
CVE-2013-4835
2013-11-0416:55:04
hp
web.nvd.nist.gov
120
nvd
cve-2013-4835
apisitescopeimpl
soap service
hp sitescope
authentication bypass
arbitrary code
remote attackers
zdi-can-1765
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.969
Percentile
99.7%
The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.
Affected configurations
Node
hpsitescopeMatch10.11
ORhpsitescopeMatch10.13
ORhpsitescopeMatch11.01
ORhpsitescopeMatch11.1
ORhpsitescopeMatch11.10
ORhpsitescopeMatch11.11
ORhpsitescopeMatch11.12
ORhpsitescopeMatch11.20
ORhpsitescopeMatch11.21
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | sitescope | 10.11 | cpe:2.3:a:hp:sitescope:10.11:*:*:*:*:*:*:* |
| hp | sitescope | 10.13 | cpe:2.3:a:hp:sitescope:10.13:*:*:*:*:*:*:* |
| hp | sitescope | 11.01 | cpe:2.3:a:hp:sitescope:11.01:*:*:*:*:*:*:* |
| hp | sitescope | 11.1 | cpe:2.3:a:hp:sitescope:11.1:*:*:*:*:*:*:* |
| hp | sitescope | 11.10 | cpe:2.3:a:hp:sitescope:11.10:*:*:*:*:*:*:* |
| hp | sitescope | 11.11 | cpe:2.3:a:hp:sitescope:11.11:*:*:*:*:*:*:* |
| hp | sitescope | 11.12 | cpe:2.3:a:hp:sitescope:11.12:*:*:*:*:*:*:* |
| hp | sitescope | 11.20 | cpe:2.3:a:hp:sitescope:11.20:*:*:*:*:*:*:* |
| hp | sitescope | 11.21 | cpe:2.3:a:hp:sitescope:11.21:*:*:*:*:*:*:* |
Related
dsquare
dsquare
HP SiteScope issueSiebelCmd 11.20 RCE
2014-01-13 00:00:00
exploitdb
exploitdb
HP SiteScope issueSiebelCmd - Remote Code Execution (Metasploit)
2013-12-24 00:00:00
cvelist
cvelist
CVE-2013-4835
2013-11-04 15:00:00
prion
prion
Authentication flaw
2013-11-04 16:55:00
checkpoint_advisories
checkpoint_advisories
HP SiteScope issueSiebelCmd SOAP Request Code Execution (CVE-2013-4835)
2013-12-22 00:00:00
securityvulns
securityvulns
HP SiteScope code execution
2013-11-05 00:00:00
[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution
2013-11-05 00:00:00
HP SiteScope security vulnerabilities
2014-03-27 00:00:00
nvd
nvd
CVE-2013-4835
2013-11-04 16:55:04
zdi
zdi
HP SiteScope issueSiebelCmd SOAP Request Remote Code Execution Vulnerability
2013-11-24 00:00:00
metasploit
metasploit
HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-19 23:48:52
packetstorm
packetstorm
HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-23 00:00:00
seebug
seebug
HP SiteScope 'issueSiebelCmd' SOAPθ―·ζ±θΏη¨δ»£η ζ§θ‘ζΌζ΄
2013-12-25 00:00:00
nessus
nessus
HP SiteScope Multiple Unspecified Remote Code Execution Vulnerabilities
2013-08-02 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.969
Percentile
99.7%
Related for CVE-2013-4835