Hp System Management Homepage vulnerabilities
77 known vulnerabilities affecting hp/system_management_homepage.
Total CVEs
77
CISA KEV
2
actively exploited
Public exploits
3
Exploited in wild
2
Severity breakdown
CRITICAL10HIGH14MEDIUM48LOW5
Vulnerabilities
Page 3 of 4
CVE-2012-5217MEDIUMCVSS 5.0≤ 7.2v7.0+1 more2013-07-22
CVE-2012-5217 [MEDIUM] CWE-264 CVE-2012-5217: HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access r
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
nvd
CVE-2013-2359MEDIUMCVSS 4.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2359 [MEDIUM] CVE-2013-2359: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.
nvd
CVE-2013-2355MEDIUMCVSS 5.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2355 [MEDIUM] CVE-2013-2355: HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access r
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.
nvd
CVE-2013-2357MEDIUMCVSS 4.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2357 [MEDIUM] CVE-2013-2357: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.
nvd
CVE-2013-2363MEDIUMCVSS 5.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2363 [MEDIUM] CVE-2013-2363: HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive informa
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.
nvd
CVE-2013-2358MEDIUMCVSS 4.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2358 [MEDIUM] CVE-2013-2358: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.
nvd
CVE-2013-2360MEDIUMCVSS 4.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2360 [MEDIUM] CVE-2013-2360: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.
nvd
CVE-2013-2356MEDIUMCVSS 5.0≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2356 [MEDIUM] CVE-2013-2356: HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive informa
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.
nvd
CVE-2013-2362LOWCVSS 2.1≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2362 [LOW] CVE-2013-2362: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.
nvd
CVE-2013-2364LOWCVSS 3.5≤ 7.2v7.0+1 more2013-07-22
CVE-2013-2364 [LOW] CWE-79 CVE-2013-2364: Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2012-2015CRITICALCVSS 9.0≤ 7.1.0-16v2.0.0+69 more2012-06-29
CVE-2012-2015 [CRITICAL] CVE-2012-2015: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenti
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors.
nvd
CVE-2012-2014CRITICALCVSS 9.0≤ 7.1.0-16v2.0.0+69 more2012-06-29
CVE-2012-2014 [CRITICAL] CVE-2012-2014: HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remo
HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.
nvd
CVE-2012-2012CRITICALCVSS 10.0≤ 7.1.0-16v2.0.0+69 more2012-06-29
CVE-2012-2012 [CRITICAL] CVE-2012-2012: HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for uns
HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
nvd
CVE-2012-2013HIGHCVSS 7.5≤ 7.1.0-16v2.0.0+69 more2012-06-29
CVE-2012-2013 [HIGH] CVE-2012-2013: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attacker
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors.
nvd
CVE-2012-2016MEDIUMCVSS 4.9≤ 7.1.0-16v2.0.0+69 more2012-06-29
CVE-2012-2016 [MEDIUM] CVE-2012-2016: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows local users to obtain sensitive information via unknown vectors.
nvd
CVE-2012-1993LOWCVSS 3.2≤ 6.1.0-103v2.0.0+58 more2012-04-18
CVE-2012-1993 [LOW] CVE-2012-1993: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to mo
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors.
nvd
CVE-2012-0135LOWCVSS 3.5≤ 6.1.0-103v2.0.0+58 more2012-04-18
CVE-2012-0135 [LOW] CVE-2012-0135: Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authentica
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors.
nvd
CVE-2011-3846MEDIUMCVSS 6.8v6.2.2.72012-04-12
CVE-2011-3846 [MEDIUM] CWE-352 CVE-2011-3846: Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allow
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
nvd
CVE-2011-1541CRITICALCVSS 10.0≤ 6.2.3.8v2.0.0+67 more2011-04-29
CVE-2011-1541 [CRITICAL] CVE-2011-1541: Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors.
nvd
CVE-2011-1540CRITICALCVSS 9.0≤ 6.2.3.8v2.0.0+67 more2011-04-29
CVE-2011-1540 [CRITICAL] CVE-2011-1540: Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authentica
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors.
nvd