Vulnerability Details : CVE-2012-5216
Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Vulnerability category: Cross-site request forgery (CSRF)
Products affected by CVE-2012-5216
- cpe:2.3:o:hp:procurve_switch_software:*:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.10:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.09:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.08:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.07:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.06:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.19:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.14:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.12:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.05:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.18:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.17:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.16:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.15:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.13:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.03.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.03:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.01:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.08:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.07:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.06:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.05:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.03.01:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.09:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.02.02:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.03.01:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.09:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.02:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.08:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.07:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.06:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.05:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.03.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.03:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.02.01:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.28:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.26:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.21:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.25:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.24:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.23:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.22:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.27:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.72:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.67:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.65:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.58:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.56:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.49:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.47:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.42:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.40:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.32:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.30:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.23:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.71:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.70:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.69:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.68:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.55:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.54:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.53:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.52:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.51:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.38:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.37:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.36:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.35:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.109:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.108:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.107:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.93:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.92:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.91:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.90:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.77:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.76:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.75:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.74:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.57:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.56:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.55:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.53:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.21:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.106:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.104:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.97:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.95:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.88:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.86:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.81:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.79:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.72:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.70:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.60:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.58:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.56:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.54:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.31:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.02:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.63:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.62:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.61:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.60:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.46:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.45:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.44:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.43:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.28:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.27:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.26:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.25:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.102:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.101:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.100:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.99:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.85:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.84:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.83:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.82:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.67:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.65:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.64:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.62:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.50:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.46:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.45:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.41:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.32:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.73:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.66:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.64:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.59:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.57:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.50:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.48:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.41:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.39:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.33:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.31:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.29:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.24:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.22:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.105:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.103:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.98:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.96:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.94:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.89:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.87:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.80:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.78:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.73:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.71:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.69:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.61:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.08.59:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.55:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.53:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.07.03:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.03.02:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.31:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.03.03:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.44:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.47:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.39:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.38:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.52:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.53:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.49:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.50:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h:10.74:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.03.02:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.46:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.41:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.40:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.33:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.32:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.80:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.48:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.29:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pb.03.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.03.03:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.45:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.37:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.36:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h.10.74:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.51:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.54:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:h:10.80:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.30:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:pa.03.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.43:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.42:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.35:*:*:*:*:*:*:*
- cpe:2.3:o:hp:procurve_switch_software:r.11.34:*:*:*:*:*:*:*
- cpe:2.3:h:hp:procurve_switch_1700-8:-:*:*:*:*:*:*:*
- cpe:2.3:h:hp:procurve_switch_1700-24:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-5216
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 30 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-5216
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2012-5216
-
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5216
-
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03699981
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Vendor Advisory
-
http://jvn.jp/en/jp/JVN48108258/index.html
JVN#48108258: HP ProCurve 1700 series switches vulnerable to cross-site request forgery
Jump to