First published: Wed Apr 28 2010(Updated: )
Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Credit: hp-security-alert@hp.com
Affected Software | Affected Version | How to fix |
---|---|---|
HP Systems Insight Manager | =4.1 | |
HP Systems Insight Manager | =2.5 | |
HP Systems Insight Manager | =4.2 | |
HP Systems Insight Manager | =4.2-sp1 | |
HP Systems Insight Manager | <=5.2 | |
HP Systems Insight Manager | =5.0-sp5 | |
HP Systems Insight Manager | =5.0-sp3 | |
HP Systems Insight Manager | =5.0-sp4 | |
HP Systems Insight Manager | =5.1 | |
HP Systems Insight Manager | =4.1-sp1 | |
HP Systems Insight Manager | =5.0-sp2 | |
HP Systems Insight Manager | =2.5.2.0 | |
HP Systems Insight Manager | =4.2-sp2 | |
HP Systems Insight Manager | =4.0-sp1 | |
HP Systems Insight Manager | =sp1 | |
HP Systems Insight Manager | =5.2 | |
HP Systems Insight Manager | =5.0 | |
HP Systems Insight Manager | =4.0 | |
HP Systems Insight Manager | =5.0-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2010-1037 is considered a high-severity vulnerability due to its potential for cross-site request forgery attacks.
To fix CVE-2010-1037, upgrade HP System Insight Manager to version 6.0 or later.
CVE-2010-1037 affects multiple versions of HP System Insight Manager, including versions 2.5, 4.1, 4.2, 5.0, and 5.1.
CVE-2010-1037 allows remote attackers to perform cross-site request forgery (CSRF) attacks, hijacking victim authentication.
Yes, users of vulnerable versions of HP System Insight Manager are still at risk if they have not upgraded to remediate this vulnerability.