4.3

CVE-2010-1586

Exploit

Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.

Data is provided by the National Vulnerability Database (NVD)
HpSystem Management Homepage Version2.0.0
HpSystem Management Homepage Version2.0.1
HpSystem Management Homepage Version2.0.2
HpSystem Management Homepage Version2.1.0-103
HpSystem Management Homepage Version2.1.0-109
HpSystem Management Homepage Version2.1.0-118
HpSystem Management Homepage Version2.1.1
HpSystem Management Homepage Version2.1.2
HpSystem Management Homepage Version2.1.2-127
HpSystem Management Homepage Version2.1.3
HpSystem Management Homepage Version2.1.3.132
HpSystem Management Homepage Version2.1.4
HpSystem Management Homepage Version2.1.5
HpSystem Management Homepage Version2.1.5-146
HpSystem Management Homepage Version2.1.6
HpSystem Management Homepage Version2.1.6-156
HpSystem Management Homepage Version2.1.7
HpSystem Management Homepage Version2.1.7-168
HpSystem Management Homepage Version2.1.8
HpSystem Management Homepage Version2.1.8-177
HpSystem Management Homepage Version2.1.9
HpSystem Management Homepage Version2.1.9-178
HpSystem Management Homepage Version2.1.10-186
HpSystem Management Homepage Version2.1.11-197
HpSystem Management Homepage Version2.1.12-118
HpSystem Management Homepage Version2.1.12-200
HpSystem Management Homepage Version2.2.6
HpSystem Management Homepage Version2.2.8
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.52% 0.66
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.