Vulnerability Details : CVE-2011-1857
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors.
Products affected by CVE-2011-1857
- cpe:2.3:a:hp:service_manager:9.20:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.21:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:7.02:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:7.11:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_center:6.2.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1857
0.72%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 70 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1857
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
8.2
|
HIGH | AV:N/AC:M/Au:S/C:P/I:C/A:C |
6.8
|
9.5
|
NIST |
References for CVE-2011-1857
-
http://www.securityfocus.com/bid/48168
HP Service Manager and Service Center Multiple Vulnerabilities
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67908
HP Service Manager and Service Center unspecified unauthorized access CVE-2011-1857 Vulnerability Report
-
http://marc.info/?l=bugtraq&m=130755929821099&w=2
'[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unautho' - MARCVendor Advisory
-
http://www.securitytracker.com/id?1025611
HP Service Manager Multiple Bugs Let Remote Authenticated Users Gain Access and Inject Scripting Code, Remote Users Conduct Cross-Site Scripting Attacks, Hijack Sessions, and Obtain Information - Secu
-
http://securityreason.com/securityalert/8273
HP Service Manager and HP Service Center Multiple Vulns - CXSecurity.com
Jump to