CSRF in Hp System_management_homepage

CVE-2015-2134

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.001 (22.9th percentile) — read the EPSS interpretation.

Affected products

Hp System_management_homepage
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

HPSBMU03409 (x_refsource_HP, vendor-advisory)
HPSBMU03380 (Vendor Advisory, x_refsource_HP, vendor-advisory)
75961 (vdb-entry, x_refsource_BID)
1033014 (vdb-entry, x_refsource_SECTRACK)