Vulnerability Details : CVE-2011-1858
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors.
Products affected by CVE-2011-1858
- cpe:2.3:a:hp:service_manager:9.20:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:9.21:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:7.02:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_manager:7.11:*:*:*:*:*:*:*
- cpe:2.3:a:hp:service_center:6.2.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1858
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1858
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:L/AC:L/Au:S/C:P/I:P/A:P |
3.1
|
6.4
|
NIST |
References for CVE-2011-1858
-
http://www.securityfocus.com/bid/48168
HP Service Manager and Service Center Multiple Vulnerabilities
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67909
HP Service Manager and Service Center permissions unauthorized access CVE-2011-1858 Vulnerability Report
-
http://secunia.com/advisories/44836
Sign in
-
http://marc.info/?l=bugtraq&m=130755929821099&w=2
'[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unautho' - MARCVendor Advisory
-
http://www.securitytracker.com/id?1025611
HP Service Manager Multiple Bugs Let Remote Authenticated Users Gain Access and Inject Scripting Code, Remote Users Conduct Cross-Site Scripting Attacks, Hijack Sessions, and Obtain Information - Secu
-
http://securityreason.com/securityalert/8273
HP Service Manager and HP Service Center Multiple Vulns - CXSecurity.com
Jump to