CVE-2010-3011Improper Input Validation in HP System Management Homepage

CWE-20Improper Input Validation3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 32.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP System Management Homepage
Timeline
PublishedSep 17
Latest updateMay 13

Description

CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rf84-hw64-3p3f: CRLF injection vulnerability in HP System Management Homepage (SMH) before 62022-05-13
CVEList
CVE-2010-3011: CRLF injection vulnerability in HP System Management Homepage (SMH) before 62010-09-17
CVE-2010-3011 — Improper Input Validation in HP | cvebase