Computer Security
[EN] securityvulns.ru no-pyccku


HP SiteScope security vulnerabilities
Published:27.03.2014
Source:
SecurityVulns ID:13642
Type:remote
Threat Level:
6/10
Description:Code execution, information leakage, DoS on SOAP requests.
Affected:HP : SiteScope 11.21
CVE:CVE-2013-6207 (Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of service via unknown vectors, aka ZDI-CAN-2084.)
 CVE-2013-4835 (The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.)
Original documentdocumentHP, [security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) (27.03.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod