Vulnerability Details CVE-2010-1971
Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
- http://secunia.com/advisories/40553
- http://securitytracker.com/id?1024186
- http://www.vupen.com/english/advisories/2010/1792
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
- http://secunia.com/advisories/40553
- http://securitytracker.com/id?1024186
- http://www.vupen.com/english/advisories/2010/1792
Products affected by CVE-2010-1971
-
cpe:2.3:a:hp:insight_software_installer:*
-
cpe:2.3:a:hp:insight_software_installer:3.00
-
cpe:2.3:a:hp:insight_software_installer:3.10
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista