CVE-2013-6188

Published: Mar 14, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Affected (4)

Products: Hp: System Management Homepage

1 product

System Management Homepage

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Hp System Management Homepage	Version 7.1
Hp System Management Homepage	Version 7.2.1
Hp System Management Homepage	Version 7.2.2
Hp System Management Homepage	Version 7.2

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138

Source: hp-security-alert@hp.com

PatchVendor Advisory

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.