CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP » Systems Insight Manager : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-1999 +Info 2013-03-11 2013-03-18
8.5
None Remote Low Single system Complete Complete None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors.
2 CVE-2012-1998 DoS +Info 2013-03-11 2013-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1997.
3 CVE-2012-1997 DoS +Info 2013-03-11 2013-03-17
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1998.
4 CVE-2012-1996 2013-03-11 2013-03-17
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to modify data via unknown vectors.
5 CVE-2012-1995 +Info 2013-03-11 2013-03-17
3.2
None Local Low Single system Partial Partial None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors.
6 CVE-2011-1543 352 CSRF 2011-04-29 2011-09-21
4.3
None Remote Medium Not required None Partial None
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
7 CVE-2011-1542 79 XSS 2011-04-29 2011-09-21
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
8 CVE-2010-3290 +Priv 2010-10-23 2010-11-11
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
9 CVE-2010-3289 79 XSS 2010-10-23 2010-11-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
10 CVE-2010-3288 352 CSRF 2010-10-23 2010-11-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
11 CVE-2010-3286 2010-10-18 2010-11-11
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors.
12 CVE-2010-1556 +Info 2010-05-14 2010-05-20
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors.
13 CVE-2010-1038 +Priv 2010-04-28 2010-06-01
6.5
User Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors.
14 CVE-2010-1037 352 CSRF 2010-04-28 2010-06-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
15 CVE-2010-1036 79 XSS 2010-04-28 2010-06-03
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
16 CVE-2009-0713 +Info 2009-03-11 2009-03-21
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote attackers to obtain sensitive information via unknown vectors.
17 CVE-2008-4412 200 +Info 2008-10-17 2009-07-22
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
18 CVE-2007-2719 287 2007-05-16 2012-11-05
10.0
Admin Remote Low Not required Complete Complete Complete
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.
19 CVE-2006-0656 Dir. Trav. 2006-02-13 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006.
20 CVE-2005-3983 DoS 2005-12-04 2008-09-05
7.8
None Remote Low Not required None None Complete
Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability.
Total number of vulnerabilities : 20   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.