CVE-2015-2120 - Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x befo

CVE-2015-2120

Summary

Unspecified vulnerability in HP SiteScope 11.1x before 11.13, 11.2x before 11.24.391, and 11.3x before 11.30.521 allows remote authenticated users to gain privileges via unknown vectors, aka ZDI-CAN-2567.

References

http://www.securityfocus.com/bid/74801
http://www.zerodayinitiative.com/advisories/ZDI-15-239
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04688784

Vulnerable Configurations

cpe:2.3:a:hp:sitescope:11.13:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.13:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.24.391:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.24.391:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.30.521:*:*:*:*:*:*:*
cpe:2.3:a:hp:sitescope:11.30.521:*:*:*:*:*:*:*

CVSS

Base:	8.7 (as of 31-12-2016 - 02:59)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	PARTIAL	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:P/A:C

refmap via4

bid	74801
hp	HPSBGN03325 SSRT101902
misc	http://www.zerodayinitiative.com/advisories/ZDI-15-239

Last major update

31-12-2016 - 02:59

Published

25-05-2015 - 14:59

Last modified

31-12-2016 - 02:59