CVE-2010-3288

Published Oct 23, 2010

Last updated 14 years ago

Overview

Description: Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Source: hp-security-alert@hp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-352

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14D72B0F-4309-4A4F-A7ED-6524AD2D4B90",
            "versionEndIncluding": "6.1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "859C04D0-1DBF-4686-8A8C-59CEF4AA74FC"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CD41C87-86F3-4E4E-A54F-C56C5C90C361"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4879BF5-2647-4335-91CD-BDD0B2CAF862"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D430EB3C-EF10-4E39-821B-C4CFB91FCA25"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABFA4EDE-1BF2-4E45-AB4A-23E981104ED1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "202984FE-E221-4E2E-A9A4-236D41EB7D11"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "441A0127-F774-4D68-9663-94FBBD13A8F1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69B4CCF1-0683-4473-83B5-138C9C42C668"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References