CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2010-1037
https://notcve.org/view.php?id=CVE-2010-1037
Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en HP System Insight Manager anterior a v6.0 permite a atacantes remotos secuestrar la autenticación de victimas sin especificar a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127239985506823&w=2 http://secunia.com/advisories/39645 http://securitytracker.com/id?1023927 http://www.securityfocus.com/bid/39736 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0CVE-2008-4412
https://notcve.org/view.php?id=CVE-2008-4412
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. Vulnerabilidad no especificada en HP Systems Insight Manager (SIM) anterior a v5.2 Update 2 (C.05.02.02.00) permite a atacantes remotos obtener información sensible mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01571962 http://secunia.com/advisories/32287 http://www.securityfocus.com/bid/31777 http://www.securitytracker.com/id?1021064 http://www.vupen.com/english/advisories/2008/2836 https://exchange.xforce.ibmcloud.com/vulnerabilities/45916 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2007-2719
https://notcve.org/view.php?id=CVE-2007-2719
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. Vulnerabilidad de fijación de sesión en HP Systems Insight Manager (SIM) 4.2 y 5.0 SP4 y SP5 permite a atacantes remotos secuestrar sesiones web al establecer la cookie JSESSIONID. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 http://osvdb.org/36061 http://secunia.com/advisories/25275 http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt http://www.securityfocus.com/archive/1/468974/100/0/threaded http://www.securityfocus.com/bid/23988 http://www.securitytracker.com/id?1018062 http://www.vupen.com/english/advisories/2007/1823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34303 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0CVE-2006-0656
https://notcve.org/view.php?id=CVE-2006-0656
Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006. • http://secunia.com/advisories/18789 http://securitytracker.com/id?1015605 http://www.securityfocus.com/bid/16571 http://www.vupen.com/english/advisories/2006/0497 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00597967 •