This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:hp:system_management_homepage:2.1.10.186
Detail
VendorHpFirst view 2008-10-13
ProductSystem Management HomepageLast view2018-02-15
Version2.1.10.186TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:hp:system_management_homepage

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
5.52018-02-15CVE-2017-12553LocalHighRequires ...
5.52018-02-15CVE-2017-12552LocalHighRequires ...
5.52018-02-15CVE-2017-12551LocalHighRequires ...
5.52018-02-15CVE-2017-12550LocalHighRequires ...
5.52018-02-15CVE-2017-12549LocalHighRequires ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5.52018-02-15CVE-2017-12548LocalHighRequires ...
5.52018-02-15CVE-2017-12547LocalHighRequires ...
5.52018-02-15CVE-2017-12546LocalHighRequires ...
7.82018-02-15CVE-2017-12545NetworkLowNone Requ...
3.52018-02-15CVE-2017-12544NetworkMediumRequires ...
7.82016-10-28CVE-2016-4396NetworkLowNone Requ...
7.82016-10-28CVE-2016-4395NetworkLowNone Requ...
5.82016-10-28CVE-2016-4394NetworkMediumNone Requ...
3.52016-10-28CVE-2016-4393NetworkMediumRequires ...
5.12016-07-18CVE-2016-5388NetworkHighNone Requ...
5.12016-07-18CVE-2016-5387NetworkHighNone Requ...
5.12016-07-18CVE-2016-5385NetworkHighNone Requ...
7.52016-05-21CVE-2016-4543NetworkLowNone Requ...
6.62016-05-14CVE-2016-2015LocalLowNone Requ...
3.62016-03-18CVE-2016-1996LocalLowNone Requ...
102016-03-18CVE-2016-1995NetworkLowNone Requ...
42016-03-18CVE-2016-1994NetworkLowRequires ...
5.52016-03-18CVE-2016-1993NetworkLowRequires ...
62015-07-21CVE-2015-2134NetworkMediumRequires ...

CWE : Common Weakness Enumeration

%idName
21% (9)CWE-264Permissions, Privileges, and Access Controls
21% (9)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
11% (5)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (4)CWE-284Access Control (Authorization) Issues
9% (4)CWE-20Improper Input Validation
Hide | Show 7 More...
%idName
7% (3)CWE-352Cross-Site Request Forgery (CSRF)
7% (3)CWE-200Information Exposure
2% (1)CWE-476NULL Pointer Dereference
2% (1)CWE-399Resource Management Errors
2% (1)CWE-287Improper Authentication
2% (1)CWE-254Security Features
2% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:27002HP-UX running System Management Homepage (SMH), Remote Cross-Site Request For...

SAINT Exploits

DescriptionLink
HP System Management Homepage iprange Parameter Stack Buffer OverflowMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
73169HP System Management Homepage (SMH) Unspecified Remote Access Restriction Bypass
73168HP System Management Homepage (SMH) Unspecified Remote Code Execution
68217HP System Management Homepage (SMH) Unspecified Information Disclosure
68216HP System Management Homepage (SMH) hmaserv/common/setitem.php Referer HTTP H...
68125HP System Management Homepage (SMH) Unspecified XSS
Hide | Show 5 More...
idDescription
68124HP System Management Homepage (SMH) Unspecified CRLF Injection
62109HP System Management Homepage (SMH) smhui/getuiinfo servercert Parameter XSS
54608HP System Management Homepage (SMH) Unspecified XSS
49521HP System Management Homepage (SMH) Unspecified Local Privilege Escalation
48966HP System Management Homepage (SMH) Unspecified XSS

OpenVAS Exploits

idDescription
2012-07-09Name : HP System Management Homepage Multiple Vulnerabilities - July 2012
File : nvt/gb_hp_smh_mult_vuln_july12.nasl
2012-04-25Name : HP System Management Homepage Multiple Unspecified Vulnerabilities
File : nvt/secpod_hp_smh_mult_unspecified_vuln.nasl
2011-05-02Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/secpod_hp_smh_mult_vuln_apr11.nasl
2010-09-29Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/secpod_hp_smh_mult_vuln.nasl
2010-09-20Name : HP System Management Homepage Multiple Vulnerabilities
File : nvt/gb_hp_smh_mult_vuln_9_2010.nasl
Hide | Show 5 More...
idDescription
2010-02-11Name : HP System Management Homepage Cross-site scripting Vulnerability
File : nvt/gb_hp_smh_xss_vuln.nasl
2009-06-05Name : Ubuntu USN-776-2 (kvm)
File : nvt/ubuntu_776_2.nasl
2009-06-01Name : HP System Management Homepage Unspecified XSS Vulnerability
File : nvt/secpod_hp_smh_unspecified_xss_vuln.nasl
2008-12-02Name : HP SMH Unspecified Security Bypass Vulnerability
File : nvt/secpod_hp_smh_unspecified_sec_bypass_vuln_900167.nasl
2008-10-14Name : HP System Management Homepage Unspecified XSS Vulnerability
File : nvt/secpod_hp_smh_unspecified_xss_vuln_900150.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2015-B-0093Multiple Vulnerabilities in HP System Management Homepage (SMH)
Severity : Category I - VMSKEY : V0061133

Snort® IPS/IDS

DateDescription
2017-10-24PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-08-15HPE System Management Homepage buffer overflow attempt
RuleID : 43545 - Type : SERVER-WEBAPP - Revision : 2
2017-04-12cURL and libcurl set-cookie remote code execution attempt
RuleID : 41853 - Type : OS-LINUX - Revision : 4
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
Hide | Show 3 More...
DateDescription
2015-02-24HP System Management Homepage cross site scripting attempt
RuleID : 33114 - Type : SERVER-WEBAPP - Revision : 3
2015-02-11HP System Management iprange parameter buffer overflow attempt
RuleID : 32971 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10HP System Management iprange parameter buffer overflow attempt
RuleID : 26418 - Type : SERVER-WEBAPP - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2017-11-03Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2017-004.nasl - Type : ACT_GATHER_INFO
2017-10-03Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13.nasl - Type : ACT_GATHER_INFO
2017-09-28Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_6_1.nasl - Type : ACT_GATHER_INFO
2017-07-20Name : An enterprise management application installed on the remote host is affected...
File : oracle_enterprise_manager_jul_2017_cpu.nasl - Type : ACT_GATHER_INFO
2017-06-26Name : The Tenable SecurityCenter application on the remote host contains a web serv...
File : securitycenter_apache_2_4_25.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2017-05-01Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2016-1030.nasl - Type : ACT_GATHER_INFO
2017-05-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1049.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-0847.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16704.nasl - Type : ACT_GATHER_INFO
2017-04-06Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170329_curl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-03-31Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_12_4.nasl - Type : ACT_GATHER_INFO
2017-03-30Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-0847.nasl - Type : ACT_GATHER_INFO
2017-03-14Name : An application installed on the remote host is affected by multiple vulnerabi...
File : securitycenter_5_4_3_tns_2017_04.nasl - Type : ACT_GATHER_INFO
2017-02-03Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3177-2.nasl - Type : ACT_GATHER_INFO
2017-01-24Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3177-1.nasl - Type : ACT_GATHER_INFO
2017-01-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201701-36.nasl - Type : ACT_GATHER_INFO
2017-01-12Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_2_32.nasl - Type : ACT_GATHER_INFO
2017-01-12Name : The remote web server is affected by multiple vulnerabilities.
File : apache_2_4_25.nasl - Type : ACT_GATHER_INFO
2016-12-27Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-358-01.nasl - Type : ACT_GATHER_INFO
2016-12-21Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_862d6ab3c75e11e69f9820cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2016-12-20Name : The remote Debian host is missing a security update.
File : debian_DLA-749.nasl - Type : ACT_GATHER_INFO
2016-12-20Name : The remote Debian host is missing a security update.
File : debian_DLA-749.nasl - Type : ACT_GATHER_INFO
2016-12-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1440.nasl - Type : ACT_GATHER_INFO
2016-12-01Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201611-22.nasl - Type : ACT_GATHER_INFO
2016-11-21Name : The remote Fedora host is missing a security update.
File : fedora_2016-38e5b05260.nasl - Type : ACT_GATHER_INFO