CVE-2012-2003

Published May 2, 2012
Last updated a month ago
CVSS info 6.8
Overview

Description: Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Source: hp-security-alert@hp.com
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-352
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:*:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E68F293-1307-40AB-B095-5ED3104EFCE7",
            "versionEndIncluding": "8.70.0.0"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:6.30.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "766E1E38-8858-45A4-92DE-44CD8C397ED6"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:6.31.0.0:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "731403D0-FD96-4A65-A8A6-A91A96574970"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:6.40.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB8D759D-4676-436A-B5EA-984344C16ED0"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "115C2A40-AEDB-4CA3-852A-17C4233CFA3F"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.10.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67EADAE9-3058-484E-988B-484DAC43B85A"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.20.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98CD575E-DC00-4F04-B3DF-054C03101D5D"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.30.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1088E1AC-DE0E-43C1-BD0D-6459F9CA10D2"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.40.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41C15ED3-C5AB-4D9E-A0A4-0D736A292A00"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.40.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F74B598-3C4E-439B-96A2-0A24CA26C4B2"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.41.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7146EB6-818E-4720-BBBA-BD0145099FCF"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.50.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FE27A87-C5FD-436D-8880-05FB6A3B9568"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.51.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BB88EC9-ACFE-4603-BB7F-4635546E048E"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.60.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B729C98F-4394-430A-A4DD-62C749F85C3F"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.70.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B05DA60-89CF-4608-9C91-F6A96431CEA9"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.80.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "877CF079-B1A1-4911-B556-EEE5BC957E09"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.90.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D20394B2-8A0E-4F47-A7F0-7FDC83A261C8"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.91.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "080BCEC8-AFEF-4418-BA65-CF8017024588"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:7.95.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70CF9953-C758-4E10-9E95-6269462E4FED"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E6342ED-6249-4E1B-B342-1CA79C5E3177"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DB3F488-5C23-4EC1-AF46-248F79F0409D"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "484707F4-5F22-4765-BCA1-9FD3F234ADDF"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.10.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33DB76E0-BF8C-438D-9621-E3546A8DFB99"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.11.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D761A720-D958-4A0E-8DEA-DC437719E19B"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.15.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DE3C83A-AE5D-44DD-AADF-93ABC71CB15A"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.20.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2E10A64-99C3-44B3-9994-987A951747B7"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.22.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07962F0B-B5AB-48B1-9E7E-C7985227DCD6"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.26.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "810D2096-28D0-4453-B507-F490BE901D59"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.30.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66F6BB8C-A2D9-4D7D-9534-3B74C27A19B0"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.40.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAD856B1-2211-4372-A136-C4719A55536A"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.50.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F65E424D-D237-43A6-8F4C-8D70A70A6255"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.60.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "230D03CC-6442-4F5A-B699-2B511D2DCE1E"
          },
          {
            "criteria": "cpe:2.3:a:hp:insight_management_agents:8.70.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96298877-AB34-4C60-A285-655CABE890E5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E8000F58-DF1C-464C-A14B-783CDC00E781"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
