This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:hp:system_management_homepage
Detail
VendorHpFirst view 2006-03-06
ProductSystem Management HomepageLast view2018-02-15
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:hp:system_management_homepage:2.0.068
cpe:/a:hp:system_management_homepage:2.1.467
cpe:/a:hp:system_management_homepage:2.1.167
cpe:/a:hp:system_management_homepage:2.1.3.13267
cpe:/a:hp:system_management_homepage:2.167
Hide | Show 45 More...
CPE NameAffected CVE
cpe:/a:hp:system_management_homepage:2.0.267
cpe:/a:hp:system_management_homepage:2.0.167
cpe:/a:hp:system_management_homepage:2.1.366
cpe:/a:hp:system_management_homepage:2.1.566
cpe:/a:hp:system_management_homepage:2.1.266
cpe:/a:hp:system_management_homepage:2.1.766
cpe:/a:hp:system_management_homepage:2.1.666
cpe:/a:hp:system_management_homepage:2.1.866
cpe:/a:hp:system_management_homepage:2.1.965
cpe:/a:hp:system_management_homepage:2.1.0-10365
cpe:/a:hp:system_management_homepage:2.1.0-11865
cpe:/a:hp:system_management_homepage:2.1.7-16865
cpe:/a:hp:system_management_homepage:2.1.6-15665
cpe:/a:hp:system_management_homepage:2.1.0-10965
cpe:/a:hp:system_management_homepage:2.1.2-12765
cpe:/a:hp:system_management_homepage:2.1.0-103(a)65
cpe:/a:hp:system_management_homepage:2.1.5-14665
cpe:/a:hp:system_management_homepage:2.1.12-11864
cpe:/a:hp:system_management_homepage:2.0.1.10464
cpe:/a:hp:system_management_homepage:2.1.5.146:b64
cpe:/a:hp:system_management_homepage:2.1.6.15664
cpe:/a:hp:system_management_homepage:2.1.11-19764
cpe:/a:hp:system_management_homepage:2.1.0.12164
cpe:/a:hp:system_management_homepage:2.1.5.14664
cpe:/a:hp:system_management_homepage:2.1.2.12764
cpe:/a:hp:system_management_homepage:2.1.4.14364
cpe:/a:hp:system_management_homepage:2.1.1064
cpe:/a:hp:system_management_homepage:2.1.8-17764
cpe:/a:hp:system_management_homepage:2.1.4-14364
cpe:/a:hp:system_management_homepage:2.1.7.16864
cpe:/a:hp:system_management_homepage:2.1.10-18664
cpe:/a:hp:system_management_homepage:2.1.9-17864
cpe:/a:hp:system_management_homepage:2.1.12-20064
cpe:/a:hp:system_management_homepage:2.1.1164
cpe:/a:hp:system_management_homepage:2.0.2.10664
cpe:/a:hp:system_management_homepage:-64
cpe:/a:hp:system_management_homepage:2.1.10.18663
cpe:/a:hp:system_management_homepage:2.1.11.197:a63
cpe:/a:hp:system_management_homepage:2.1.10.186:b63
cpe:/a:hp:system_management_homepage:2.1.8.17963
cpe:/a:hp:system_management_homepage:2.2.863
cpe:/a:hp:system_management_homepage:2.2.663
cpe:/a:hp:system_management_homepage:2.1.10.186:c63
cpe:/a:hp:system_management_homepage:2.1.12.20162
cpe:/a:hp:system_management_homepage:2.1.15.21062

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
5.52018-02-15CVE-2017-12553LocalHighRequires ...
5.52018-02-15CVE-2017-12552LocalHighRequires ...
5.52018-02-15CVE-2017-12551LocalHighRequires ...
5.52018-02-15CVE-2017-12550LocalHighRequires ...
5.52018-02-15CVE-2017-12549LocalHighRequires ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5.52018-02-15CVE-2017-12548LocalHighRequires ...
5.52018-02-15CVE-2017-12547LocalHighRequires ...
5.52018-02-15CVE-2017-12546LocalHighRequires ...
7.82018-02-15CVE-2017-12545NetworkLowNone Requ...
3.52018-02-15CVE-2017-12544NetworkMediumRequires ...
7.82016-10-28CVE-2016-4396NetworkLowNone Requ...
7.82016-10-28CVE-2016-4395NetworkLowNone Requ...
5.82016-10-28CVE-2016-4394NetworkMediumNone Requ...
3.52016-10-28CVE-2016-4393NetworkMediumRequires ...
5.12016-07-18CVE-2016-5388NetworkHighNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
5.12016-07-18CVE-2016-5385NetworkHighNone Requ...
7.52016-05-21CVE-2016-4543NetworkLowNone Requ...
6.62016-05-14CVE-2016-2015LocalLowNone Requ...
3.62016-03-18CVE-2016-1996LocalLowNone Requ...
102016-03-18CVE-2016-1995NetworkLowNone Requ...
42016-03-18CVE-2016-1994NetworkLowRequires ...
5.52016-03-18CVE-2016-1993NetworkLowRequires ...
62015-07-21CVE-2015-2134NetworkMediumRequires ...

CWE : Common Weakness Enumeration

%idName
21% (10)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
19% (9)CWE-264Permissions, Privileges, and Access Controls
10% (5)CWE-352Cross-Site Request Forgery (CSRF)
10% (5)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (5)CWE-20Improper Input Validation
Hide | Show 8 More...
%idName
8% (4)CWE-284Access Control (Authorization) Issues
6% (3)CWE-200Information Exposure
2% (1)CWE-476NULL Pointer Dereference
2% (1)CWE-399Resource Management Errors
2% (1)CWE-287Improper Authentication
2% (1)CWE-254Security Features
2% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...
2% (1)CWE-16Configuration

SAINT Exploits

DescriptionLink
HP System Management Homepage ginkgosnmp.inc Command InjectionMore info here
HP System Management Homepage iprange Parameter Stack Buffer OverflowMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
73169HP System Management Homepage (SMH) Unspecified Remote Access Restriction Bypass
73168HP System Management Homepage (SMH) Unspecified Remote Code Execution
68217HP System Management Homepage (SMH) Unspecified Information Disclosure
68216HP System Management Homepage (SMH) hmaserv/common/setitem.php Referer HTTP H...
68125HP System Management Homepage (SMH) Unspecified XSS
Hide | Show 14 More...
idDescription
68124HP System Management Homepage (SMH) Unspecified CRLF Injection
68025HP System Management Homepage (SMH) on Linux Unspecified Information Disclosure
64146HP System Management Homepage (SMH) red2301.html RedirectUrl Parameter Arbitr...
64089HP System Management Homepage (SMH) Unspecified Data Modification
62109HP System Management Homepage (SMH) smhui/getuiinfo servercert Parameter XSS
54608HP System Management Homepage (SMH) Unspecified XSS
49521HP System Management Homepage (SMH) Unspecified Local Privilege Escalation
48966HP System Management Homepage (SMH) Unspecified XSS
46659HP System Management Homepage (SMH) Unspecified XSS
45941HP System Management Homepage (SMH) for Windows OpenSSL Version Regression
37513HP System Management Homepage (SMH) on Linux w/ Novell eDirectory Remote Priv...
36829HP System Management Homepage (SMH) Unspecified XSS
24629HP System Management Homepage (SMH) Crafted URL Interface Authentication Bypass
23569HP System Management Homepage (SMH) on Windows Unspecified Traversal Arbitrar...

OpenVAS Exploits

idDescription
2012-07-09Name : HP System Management Homepage Multiple Vulnerabilities - July 2012
File : nvt/gb_hp_smh_mult_vuln_july12.nasl
2012-04-25Name : HP System Management Homepage Multiple Unspecified Vulnerabilities
File : nvt/secpod_hp_smh_mult_unspecified_vuln.nasl
2012-04-23Name : HP System Management Homepage Cross-site Request Forgery Vulnerability
File : nvt/gb_hp_smh_csrf_vuln.nasl
2011-05-02Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/secpod_hp_smh_mult_vuln_apr11.nasl
2010-09-29Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/secpod_hp_smh_mult_vuln.nasl
Hide | Show 9 More...
idDescription
2010-09-20Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/gb_hp_smh_mult_vuln_9_2010.nasl
2010-05-05Name : HP System Management Homepage Unspecified Vulnerability (Linux)
File : nvt/gb_hp_smh_unspecified_vuln_lin.nasl
2010-05-05Name : HP System Management Homepage Unspecified Vulnerability (Windows)
File : nvt/gb_hp_smh_unspecified_vuln_win.nasl
2010-05-05Name : HP System Management Homepage (SMH) 'RedirectUrl' URI Redirection Vulnerability
File : nvt/gb_hp_smh_url_redirect_vuln.nasl
2010-02-11Name : HP System Management Homepage Cross-site scripting Vulnerability
File : nvt/gb_hp_smh_xss_vuln.nasl
2009-06-05Name : Ubuntu USN-776-2 (kvm)
File : nvt/ubuntu_776_2.nasl
2009-06-01Name : HP System Management Homepage Unspecified XSS Vulnerability
File : nvt/secpod_hp_smh_unspecified_xss_vuln.nasl
2008-12-02Name : HP SMH Unspecified Security Bypass Vulnerability
File : nvt/secpod_hp_smh_unspecified_sec_bypass_vuln_900167.nasl
2008-10-14Name : HP System Management Homepage Unspecified XSS Vulnerability
File : nvt/secpod_hp_smh_unspecified_xss_vuln_900150.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-B-0093Multiple Vulnerabilities in HP System Management Homepage (SMH)
Severity : Category I - VMSKEY : V0061133
2013-B-0109HP System Management Homepage (SMH) Command Injection Vulnerability
Severity : Category I - VMSKEY : V0040490

Snort® IPS/IDS

DateDescription
2017-10-24PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-08-15HPE System Management Homepage buffer overflow attempt
RuleID : 43545 - Type : SERVER-WEBAPP - Revision : 2
2017-04-12cURL and libcurl set-cookie remote code execution attempt
RuleID : 41853 - Type : OS-LINUX - Revision : 4
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
Hide | Show 5 More...
DateDescription
2015-02-24HP System Management Homepage cross site scripting attempt
RuleID : 33114 - Type : SERVER-WEBAPP - Revision : 3
2015-02-11HP System Management iprange parameter buffer overflow attempt
RuleID : 32971 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10HP System Management arbitrary command injection attempt
RuleID : 27105 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10HP System Management arbitrary command injection attempt
RuleID : 27104 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10HP System Management iprange parameter buffer overflow attempt
RuleID : 26418 - Type : SERVER-WEBAPP - Revision : 9

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2017-11-03Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2017-004.nasl - Type : ACT_GATHER_INFO
2017-10-03Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13.nasl - Type : ACT_GATHER_INFO
2017-09-28Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_6_1.nasl - Type : ACT_GATHER_INFO
2017-07-20Name : An enterprise management application installed on the remote host is affected...
File : oracle_enterprise_manager_jul_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-06-26Name : The Tenable SecurityCenter application on the remote host contains a web serv...
File : securitycenter_apache_2_4_25.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-05-01Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2016-1030.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1049.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0847.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16704.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170329_curl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-03-31Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_12_4.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0847.nasl - Type : ACT_GATHER_INFO
2017-03-14Name : An application installed on the remote host is affected by multiple vulnerabi...
File : securitycenter_5_4_3_tns_2017_04.nasl - Type : ACT_GATHER_INFO
2017-02-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3177-2.nasl - Type : ACT_GATHER_INFO
2017-01-24Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3177-1.nasl - Type : ACT_GATHER_INFO
2017-01-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-36.nasl - Type : ACT_GATHER_INFO
2017-01-12Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_2_32.nasl - Type : ACT_GATHER_INFO
2017-01-12Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_25.nasl - Type : ACT_GATHER_INFO
2016-12-27Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-358-01.nasl - Type : ACT_GATHER_INFO
2016-12-21Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_862d6ab3c75e11e69f9820cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2016-12-20Name : The remote Debian host is missing a security update.
File : debian_DLA-749.nasl - Type : ACT_GATHER_INFO
2016-12-20Name : The remote Debian host is missing a security update.
File : debian_DLA-749.nasl - Type : ACT_GATHER_INFO
2016-12-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1440.nasl - Type : ACT_GATHER_INFO
2016-12-01Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201611-22.nasl - Type : ACT_GATHER_INFO
2016-11-21Name : The remote Fedora host is missing a security update.
File : fedora_2016-38e5b05260.nasl - Type : ACT_GATHER_INFO