CVE-2010-3989

EUVD-2010-3965
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
hpinsight_control_virtual_machine_management
𝑥
≤ 6.1.2
hpinsight_control_virtual_machine_management
6.0
hpinsight_control_virtual_machine_management
6.0.1
hpinsight_control_virtual_machine_management
6.0.2
hpinsight_control_virtual_machine_management
6.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://marc.info/?l=bugtraq&m=128811259326540&w=2
http://www.securityfocus.com/bid/44435
http://www.securitytracker.com/id?1024641
http://marc.info/?l=bugtraq&m=128811259326540&w=2
http://www.securityfocus.com/bid/44435
http://www.securitytracker.com/id?1024641