What is the severity of CVE-2009-4185?

CVE-2009-4185 is classified as a moderate severity vulnerability due to its potential for cross-site scripting (XSS) attacks.

How do I fix CVE-2009-4185?

To fix CVE-2009-4185, you should update your HP System Management Homepage to version 6.0 or later.

What versions of HP System Management Homepage are affected by CVE-2009-4185?

CVE-2009-4185 affects multiple versions of HP System Management Homepage before 6.0, including versions 2.0.0 to 3.0.2.77.

What type of vulnerability is CVE-2009-4185?

CVE-2009-4185 is a cross-site scripting (XSS) vulnerability allowing attackers to inject arbitrary web scripts or HTML.

Can CVE-2009-4185 be exploited remotely?

Yes, CVE-2009-4185 can be exploited remotely by attackers to execute malicious scripts in the context of the user's browser.

Vulnerability/
CVE-2009-4185

medium

4.3

CWE

5/2/2010

7/8/2024

CVE-2009-4185: XSS

First published: Fri Feb 05 2010(Updated: )

Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.

Credit: hp-security-alert@hp.com

Affected Software	Affected Version	How to fix
HP System Management Homepage	=2.1.9-178
HP System Management Homepage	=2.1.2-127
HP System Management Homepage	=2.1.11-197
HP System Management Homepage	=2.1.2
HP System Management Homepage	=2.1.6
HP System Management Homepage	=2.0.2
HP System Management Homepage	=2.1.8-177
HP System Management Homepage	=2.1.4-143
HP System Management Homepage	=2.2.6
HP System Management Homepage	=2.1.0-103
HP System Management Homepage	=2.1.11
HP System Management Homepage	=2.1.12-118
HP System Management Homepage	=2.1.1
HP System Management Homepage	=2.1.8
HP System Management Homepage	=2.0.0
HP System Management Homepage	=3.0.1.73
HP System Management Homepage	=2.1.0-103\(a\)
HP System Management Homepage	=2.0.1
HP System Management Homepage	=2.1.0-109
HP System Management Homepage	=2.1.5-146
HP System Management Homepage	=2.1.12-200
HP System Management Homepage	=2.1.0-118
HP System Management Homepage	=2.2.8
HP System Management Homepage	=2.1.9
HP System Management Homepage	=2.1.5
HP System Management Homepage	=2.1.3
HP System Management Homepage	=2.1.3.132
HP System Management Homepage	=2.1.7
HP System Management Homepage	=2.1.6-156
HP System Management Homepage	=2.1.7-168
HP System Management Homepage	=2.1.10
HP System Management Homepage	=2.1
HP System Management Homepage	=2.1.10-186
HP System Management Homepage	=3.0.0-68
HP System Management Homepage	=2.1.4
HP System Management Homepage	<=3.0.2.77
HP System Management Homepage	=2.1.15-210

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4185?
CVE-2009-4185 is classified as a moderate severity vulnerability due to its potential for cross-site scripting (XSS) attacks.
How do I fix CVE-2009-4185?
To fix CVE-2009-4185, you should update your HP System Management Homepage to version 6.0 or later.
What versions of HP System Management Homepage are affected by CVE-2009-4185?
CVE-2009-4185 affects multiple versions of HP System Management Homepage before 6.0, including versions 2.0.0 to 3.0.2.77.
What type of vulnerability is CVE-2009-4185?
CVE-2009-4185 is a cross-site scripting (XSS) vulnerability allowing attackers to inject arbitrary web scripts or HTML.
Can CVE-2009-4185 be exploited remotely?
Yes, CVE-2009-4185 can be exploited remotely by attackers to execute malicious scripts in the context of the user's browser.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/weakness
agent/references
agent/tags
agent/event
agent/first-publish-date
agent/description
agent/source
vendor/hp
canonical/hp system management homepage
version/hp system management homepage/2.1.9-178
version/hp system management homepage/2.1.2-127
version/hp system management homepage/2.1.11-197
version/hp system management homepage/2.1.2
version/hp system management homepage/2.1.6
version/hp system management homepage/2.0.2
version/hp system management homepage/2.1.8-177
version/hp system management homepage/2.1.4-143
version/hp system management homepage/2.2.6
version/hp system management homepage/2.1.0-103
version/hp system management homepage/2.1.11
version/hp system management homepage/2.1.12-118
version/hp system management homepage/2.1.1
version/hp system management homepage/2.1.8
version/hp system management homepage/2.0.0
version/hp system management homepage/3.0.1.73
version/hp system management homepage/2.1.0-103\(a\)
version/hp system management homepage/2.0.1
version/hp system management homepage/2.1.0-109
version/hp system management homepage/2.1.5-146
version/hp system management homepage/2.1.12-200
version/hp system management homepage/2.1.0-118
version/hp system management homepage/2.2.8
version/hp system management homepage/2.1.9
version/hp system management homepage/2.1.5
version/hp system management homepage/2.1.3
version/hp system management homepage/2.1.3.132
version/hp system management homepage/2.1.7
version/hp system management homepage/2.1.6-156
version/hp system management homepage/2.1.7-168
version/hp system management homepage/2.1.10
version/hp system management homepage/2.1
version/hp system management homepage/2.1.10-186
version/hp system management homepage/3.0.0-68
version/hp system management homepage/2.1.4
version/hp system management homepage/3.0.2.77
version/hp system management homepage/2.1.15-210

CVE-2009-4185: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4185?

How do I fix CVE-2009-4185?

What versions of HP System Management Homepage are affected by CVE-2009-4185?

What type of vulnerability is CVE-2009-4185?

Can CVE-2009-4185 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-4185?

How do I fix CVE-2009-4185?

What versions of HP System Management Homepage are affected by CVE-2009-4185?

What type of vulnerability is CVE-2009-4185?

Can CVE-2009-4185 be exploited remotely?