CVE-2012-2012 — Code Injection in HP System Management Homepage

CWE-94 — Code Injection CWE-79 — Cross-site Scripting CWE-39952 documents14 sources

Severity

10.0CRITICALNVD

GHSA4.3

EPSS

4.5%

top 10.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP System Management Homepage

Timeline

PublishedJun 29

Latest updateMay 17

Description

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/system_management_homepage7.1.0-16+70

Patches

Patch: h20000.www2.hp.com ↗Patch: h20000.www2.hp.com ↗

🔴Vulnerability Details

GHSA

Plone python code injection↗2022-05-17

▶

GHSA

Apache ActiveMQ Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet↗2022-05-17

▶

GHSA

GHSA-pmxr-3vvf-xfm5: HP System Management Homepage (SMH) before 7↗2022-05-13

▶

GHSA

Jenkins allows Cross-Site Scripting (XSS)↗2022-05-04

▶

CVEList

CVE-2012-2012: HP System Management Homepage (SMH) before 7↗2012-06-29

▶

💥Exploits & PoCs

Exploit-DB

Java Applet - AverageRangeStatisticImpl Remote Code Execution (Metasploit)↗2013-01-24

▶

Exploit-DB

WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload↗2012-06-06

▶

Exploit-DB

Microsoft Terminal Services - Use-After-Free (MS12-020)↗2012-03-16

▶

Exploit-DB

PHPB2B 4.1 - 'q' Cross-Site Scripting↗2011-01-01

▶

Nuclei

Canon Devices - Authentication Bypass in Catwalk Server

▶

📋Vendor Advisories

Red Hat

JDK: java.lang.ClassLoder defineClass() code execution↗2012-11-13

▶

Red Hat

Django: Host header poisoning vulnerability↗2012-10-17

▶

Cisco

Cisco IOS SSL VPN Portal Page Denial of Service Vulnerability↗2012-08-10

▶

Red Hat

Mozilla: Gecko memory corruption (MFSA 2012-44)↗2012-07-17

▶

Red Hat

kernel: net: improve sequence number generation↗2011-08-07

▶

🕵️Threat Intelligence

Trendmicro

Asruex Backdoor Infects Files Via Old Vulnerabilities↗2019-08-22

▶

Fortinet

Rehashed RAT Used in APT Campaign Against Vietnamese Organizations↗2017-09-05

▶

💬Community

Bugzilla

CVE-2012-6135 rubygem-passenger: untrusted apps Security check socket filenames reported by spawned application processes [epel-6]↗2013-03-05

▶

Bugzilla

CVE-2012-5510 kernel: xen: Grant table version switch list corruption vulnerability [fedora-all]↗2012-12-03

▶

Bugzilla

CVE-2012-5120 CVE-2012-5128 v8: multiple flaws fixed in Google V8 3.13.7.5 (Chrome 23.0.1271.64) [fedora-all]↗2012-11-08

▶

Bugzilla

CVE-2012-4564 libtiff: Missing return value check in ppm2tiff leading to heap-buffer overflow when reading a tiff file↗2012-10-31

▶

Bugzilla

CVE-2012-4460 qpid-cpp: lack of bounds checking in qpid::framing::Buffer can lead to DoS if asserts are enabled↗2012-09-27

▶