CVE-2011-1543

Published Apr 29, 2011

Last updated 13 years ago

Overview

Description: Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Source: hp-security-alert@hp.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-352

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEE53EC7-E44E-4FC2-A168-37499AF01EA9",
            "versionEndIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C07FE39-0025-4988-AE5B-A79A46EA6E25"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:2.5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2F7541-8174-4B32-AA30-F18FBB87CA38"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "859C04D0-1DBF-4686-8A8C-59CEF4AA74FC"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12F9B9A8-D820-4B90-8DCA-54F4DD15E87E"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CD41C87-86F3-4E4E-A54F-C56C5C90C361"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4879BF5-2647-4335-91CD-BDD0B2CAF862"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D430EB3C-EF10-4E39-821B-C4CFB91FCA25"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABFA4EDE-1BF2-4E45-AB4A-23E981104ED1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:4.2:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "202984FE-E221-4E2E-A9A4-236D41EB7D11"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "441A0127-F774-4D68-9663-94FBBD13A8F1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59AA99D8-868E-446C-8DA0-988CEAF86174"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FDB329C-240D-4D81-AF90-A005BF72517E"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BFFA879-49E9-42C8-B180-4178115752A7"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D24DCC30-30B3-4715-A02B-4C0667B1BFA9"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.0:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF4C5A74-7186-4331-B607-2A9BFD4AFAE1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C627E16-44E7-4559-B0F2-25BFEE8FFAAA"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F1E270F-D317-45B9-A0CB-84FEB8248EA5"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.2:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "322BFC4C-71B1-4368-BBEE-87D67FA28E45"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA15FE6E-7796-4D59-A84A-CA75F202D9C1"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:5.3:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "965E7633-A1EE-4292-AA6B-56B078BB1804"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69B4CCF1-0683-4473-83B5-138C9C42C668"
          },
          {
            "criteria": "cpe:2.3:a:hp:systems_insight_manager:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28C12939-60B9-4378-B10C-9F1E2D3E1177"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References