HP Onboard Administrator Multiple Security Vulnerabilities Network Vulnerability

Summary

HP Onboard Administrator is prone to multiple security vulnerabilities.

Impact

An attacker may exploit these issues to obtain sensitive information, bypass certain security restrictions, and redirect a user to a potentially malicious site this may aid in phishing attacks.

Solution

Updates are available. Please see the references for more information.

Insight

HP Onboard Administrator is prone to: 1. A URI-redirection vulnerability 2. An information-disclosure vulnerability 3. A security-bypass vulnerability

Affected

HP Onboard Administrator (OA) before 3.50

Detection

Check if HP Onboard Administrator version is < 3.50

References

http://h18004.www1.hp.com/products/blades/components/onboard/index.html?jumpid=reg_R1002_USEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03263573
http://www.securityfocus.com/bid/52862

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0128, CVE-2012-0129, CVE-2012-0130
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AdMentor Login Flaw
AjaxPortal 'di.php' File Inclusion Vulnerability
Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities
AlienVault OSSIM Multiple Remote Code Execution Vulnerabilities
Apache Axis2 Document Type Declaration Processing Security Vulnerability

Take action and discover your vulnerabilities