Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation |
| Informations | |||
|---|---|---|---|
| Name | HPSBMA02490 SSRT090222 | First vendor Publication | 2010-03-29 |
| Vendor | HP | Last vendor Modification | 2010-04-02 |
| Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 8.5 | Attack Range | Network |
| Cvss Impact Score | 9.2 | Attack Complexity | Low |
| Cvss Expoit Score | 8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Potential security vulnerabilities have been identified with HP SOA Registry Foundation. The vulnerabilities could be exploited remotely to gain unauthorized access to data, for cross site scripting (XSS), or to escalate privileges. |
Original Source
| Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02037890 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 63446 | HP SOA Registry Foundation Unspecified Remote Privilege Escalation |
| 63445 | HP SOA Registry Foundation Unspecified XSS |
| 63444 | HP SOA Registry Foundation Unspecified Unauthorized Data Access |
