CVE-2010-1586

EUVD-2010-1613
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
hpsystem_management_homepage
2.0.0
hpsystem_management_homepage
2.0.1
hpsystem_management_homepage
2.0.2
hpsystem_management_homepage
2.1
hpsystem_management_homepage
2.1.0-103
hpsystem_management_homepage
2.1.0-103\(a\)
hpsystem_management_homepage
2.1.0-109
hpsystem_management_homepage
2.1.0-118
hpsystem_management_homepage
2.1.1
hpsystem_management_homepage
2.1.2
hpsystem_management_homepage
2.1.2-127
hpsystem_management_homepage
2.1.3
hpsystem_management_homepage
2.1.3.132
hpsystem_management_homepage
2.1.4
hpsystem_management_homepage
2.1.5
hpsystem_management_homepage
2.1.5-146
hpsystem_management_homepage
2.1.6
hpsystem_management_homepage
2.1.6-156
hpsystem_management_homepage
2.1.7
hpsystem_management_homepage
2.1.7-168
hpsystem_management_homepage
2.1.8
hpsystem_management_homepage
2.1.8-177
hpsystem_management_homepage
2.1.9
hpsystem_management_homepage
2.1.9-178
hpsystem_management_homepage
2.1.10-186
hpsystem_management_homepage
2.1.11-197
hpsystem_management_homepage
2.1.12-118
hpsystem_management_homepage
2.1.12-200
hpsystem_management_homepage
2.2.6
hpsystem_management_homepage
2.2.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/39676
http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse
https://exchange.xforce.ibmcloud.com/vulnerabilities/58107
http://www.securityfocus.com/bid/39676
http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse
https://exchange.xforce.ibmcloud.com/vulnerabilities/58107