CVE-2012-2012 — HIGH (10.0)

Q: How severe is CVE-2012-2012?

CVE-2012-2012 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-2012?

Check the references section above for vendor advisories and patch information. Affected products include: Hp System Management Homepage, Linux Linux Kernel, Microsoft Windows.

Vulnerability Description

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Hp	System Management Homepage	<= 7.1.0-16
Linux	Linux Kernel	All versions
Microsoft	Windows	All versions

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041PatchVendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041PatchVendor Advisory

FAQ

What is CVE-2012-2012?

CVE-2012-2012 is a vulnerability with a CVSS score of 10.0 (HIGH). HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an u...

How severe is CVE-2012-2012?

CVE-2012-2012 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-2012?

Check the references section above for vendor advisories and patch information. Affected products include: Hp System Management Homepage, Linux Linux Kernel, Microsoft Windows.