PT-2015-1332 · Hewlett Packard · Hp Sitescope

Published

2015-05-25

Updated

2016-12-31

CVE-2015-2120

CVSS v2.0

8.7

High

Vector

AV:N/AC:L/Au:S/C:C/I:P/A:C

Name of the Vulnerable Software and Affected Versions HP SiteScope versions 11.1x through 11.12 HP SiteScope versions 11.2x through 11.24.390 HP SiteScope versions 11.3x through 11.30.520

Description The issue is related to insufficient access restrictions to certain features in the HP SiteScope system monitoring solution. It allows a remote attacker to elevate their privileges.

Recommendations For HP SiteScope versions 11.1x through 11.12, update to version 11.13 or later. For HP SiteScope versions 11.2x through 11.24.390, update to version 11.24.391 or later. For HP SiteScope versions 11.3x through 11.30.520, update to version 11.30.521 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2015-10420

CVE-2015-2120

ZDI-15-239

Affected Products

Hp Sitescope

PT-2015-1332 · Hewlett Packard · Hp Sitescope

CVE-2015-2120

Weakness Enumeration

Related Identifiers

Affected Products

References · 7