HP » System Management Homepage : Security Vulnerabilities, CVEs, Published In 2007
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL.
Max CVSS
2.1
EPSS Score
0.06%
Published
2007-09-18
Updated
2011-03-08
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
Max CVSS
9.0
EPSS Score
0.54%
Published
2007-06-19
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
1.82%
Published
2007-06-06
Updated
2017-07-29
3 vulnerabilities found