CVE-2012-0128 (GCVE-0-2012-0128)
Vulnerability from cvelistv5
Published
2012-04-04 23:00
Modified
2024-08-06 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:18.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSRT100817",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "hpoa-unspecified-open-redirect(74575)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74575"
},
{
"name": "1026889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026889"
},
{
"name": "52862",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52862"
},
{
"name": "HPSBMU02759",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "SSRT100817",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "hpoa-unspecified-open-redirect(74575)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74575"
},
{
"name": "1026889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026889"
},
{
"name": "52862",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52862"
},
{
"name": "HPSBMU02759",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/522176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-0128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT100817",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "hpoa-unspecified-open-redirect(74575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74575"
},
{
"name": "1026889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026889"
},
{
"name": "52862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52862"
},
{
"name": "HPSBMU02759",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-0128",
"datePublished": "2012-04-04T23:00:00",
"dateReserved": "2011-12-13T00:00:00",
"dateUpdated": "2024-08-06T18:16:18.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2012-0128\",\"sourceIdentifier\":\"hp-security-alert@hp.com\",\"published\":\"2012-04-05T13:25:26.317\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"HP Onboard Administrator (OA) antes de v3.50 permite a atacantes remotos redirigir a los usuarios a sitios web de su elecci\u00f3n y llevar a cabo ataques de phishing a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.32\",\"matchCriteriaId\":\"35E3A6B8-57D4-44B9-AFEF-5C9EAA3888A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E3CC78B-AF12-40A9-976E-340D297B7EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AABC9723-8247-46FB-99AD-49D2208B2972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C1CE46-D6BA-40BC-9689-DCBAF2B551CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"921B666D-DC6B-432B-81D5-9B5F30A55287\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87C5412F-0CE2-4D40-BA95-AA5D42A90DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79B2B35-CA65-456D-B4DC-435A715CC83B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:1.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24761457-A8AD-49C7-9AC4-B867C8A0214C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA12E2BD-F212-4EE5-BE7F-86D5ECBD3D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.02:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AF5EF7E-4D7B-4037-B3F5-9EF72C23A3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8947F08A-BD6B-418C-8A8A-752BAA5FBECF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F404091-F090-4DFE-B058-C24A7C30DBAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C9F28F1-AAD6-457A-8738-B89ECD9BDDA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0732BC-9811-452A-A834-79336C5230F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77B7726-095B-4989-8E89-5D6A916A2BEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EF43EFF-52E3-4ED3-9470-1F2D45B701D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD919F48-7933-4F86-AE9F-A852319438E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49615B23-3754-4A6E-82A3-01033F72230E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92A3825C-4EDB-4710-8EF6-C1BEAC9D6388\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"632AB256-F4D3-418A-9212-C72A896A656C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A30F48DF-E1D1-4A6E-A4F3-C7252CDCA550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"940E7A16-291B-4121-BC8A-C5B8656209D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D59D636-AE66-4CB7-905E-E5FD74C17C4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C8D83C-F850-4B17-BF5A-9E0F8DE76F8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:2.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2134C854-6A04-4ED9-9859-84ACF6BA5668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C46D3646-1EB4-4D58-BA68-76E95820DD2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6E26DB3-790D-46DE-B647-A0DC8D513E9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B472242F-5DD1-415B-9DEE-64E0A6B0F11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.20:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EF7CB57-4E98-418A-9127-73FC43DD8443\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EDDE49F-D807-405B-8497-8C0F9A7FC60A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"697EBA00-478A-4B95-AA11-F1CD19D256C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:onboard_administrator:3.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E76769DC-820A-4D6B-B9DE-82C61B7CF5BB\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"http://www.securityfocus.com/bid/52862\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"http://www.securitytracker.com/id?1026889\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/74575\",\"source\":\"hp-security-alert@hp.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/522176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/52862\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1026889\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/74575\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…