Page 10 of 48 results (0.008 seconds)

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. Vulnerabilidad de fijación de sesión en HP Systems Insight Manager (SIM) 4.2 y 5.0 SP4 y SP5 permite a atacantes remotos secuestrar sesiones web al establecer la cookie JSESSIONID. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 http://osvdb.org/36061 http://secunia.com/advisories/25275 http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt http://www.securityfocus.com/archive/1/468974/100/0/threaded http://www.securityfocus.com/bid/23988 http://www.securitytracker.com/id?1018062 http://www.vupen.com/english/advisories/2007/1823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34303 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0

Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006. • http://secunia.com/advisories/18789 http://securitytracker.com/id?1015605 http://www.securityfocus.com/bid/16571 http://www.vupen.com/english/advisories/2006/0497 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00597967 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. • http://www.securityfocus.com/archive/1/418280/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/17235 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1582 •