CVE-2015-2120 : Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24

Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.

Published 2015-05-25 14:59:17

Updated 2025-04-12 10:46:41

Source HP Inc.

View at NVD, CVE.org

Products affected by CVE-2015-2120

HP » Sitescope » Version: 11.13
cpe:2.3:a:hp:sitescope:11.13:*:*:*:*:*:*:*
Matching versions
HP » Sitescope » Version: 11.30.521
cpe:2.3:a:hp:sitescope:11.30.521:*:*:*:*:*:*:*
Matching versions
HP » Sitescope » Version: 11.24.391
cpe:2.3:a:hp:sitescope:11.24.391:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-2120

EPSS FAQ

0.94%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 74 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-2120

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.7	HIGH	AV:N/AC:L/Au:S/C:C/I:P/A:C	8.0	9.5	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Partial Availability Impact: Complete

References for CVE-2015-2120

http://www.zerodayinitiative.com/advisories/ZDI-15-239

ZDI-15-239 | Zero Day Initiative
http://www.securityfocus.com/bid/74801

HP SiteScope CVE-2015-2120 Remote Privilege Escalation Vulnerability
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04688784

HP Support for Technical Help and Troubleshooting | HP® Customer Service.
Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2015-2120

Products affected by CVE-2015-2120

Exploit prediction scoring system (EPSS) score for CVE-2015-2120

CVSS scores for CVE-2015-2120

References for CVE-2015-2120