OSVDB ID: 85314

Title: HP SiteScope update() SOAP Call Admin Credential Manipulation

Info

Disclosure

Aug 29, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

HP SiteScope contains a flaw that is triggered when an error occurs in the SOAP interface during the handling of the update() function call. This may allow a remote attacker to modify administrative credentials.

Classification

Location: Remote / Network Access
Attack Type: Other
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Private
Disclosure: Uncoordinated Disclosure
OSVDB: Web Related

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Hewlett-Packard Development Company, L.P.

SiteScope

11.20

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/85314