Release date: 2013-08-15
Updated: 2013-08-18
Affected systems:
HP Service Manager 9.21
HP Service Manager 7.11
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 61789
CVE(CAN) ID: CVE-2013-4808
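HP Service Manager is core ITSM software.
HP Service Manager v9.31, v9.30, v9.21 and v7.11 contain a vulnerability that allows unauthenticated access and elevation of privilege. An attacker can exploit it to access the affected application without authentication and perform unauthorized actions with elevated privileges.
<*Source: HP
Link:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03888320
*>
Recommendation: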
--------------------------------------------------------------------------------
Vendor patch:
HP
--
HP has released a security bulletin (HPSBMU02915) and corresponding patches for this issue:
HPSBMU02915: HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege
Link: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03888320
Patch downloads:
SM 9.31P2 Server platform:
  Windows Server 9.31.2004 p2
  HP Itanium Server 9.31.2004 p2
  Linux Server 9.31.2004 p2
  Solaris Server 9.31.2004 p2
  AIX Server 9.31.2004 p2
SM 9.31P2 Web Tier:
  Web Tier 9.31.2004 p2
SM 9.30P5 Server platform:
  Windows Server 9.30.511 p5
  HP Itanium Server 9.30.511 p5
  Linux Server 9.30.511 p5
  Solaris Server 9.30.511 p5
  AIX Server 9.30.511 p5
SM 9.30P5 Web Tier:
  Web Tier 9.30.511 p5
SM 9.30AP3 Applications:
  Applications 9.30 ap3
SM 9.21P7 Server platform:
  Windows Server 9.21.624 p7
  HP Itanium Server 9.21.624 p7
  HP Parisc Server 9.21.624 p7
  Linux Server 9.21.624 p7
  Solaris Server 9.21.624 p7
  AIX Server 9.21.624 p7
SM 9.21P7 Web Tier:
  Web Tier 9.21.624 p7
SM 9.21AP3 Applications:
  Applications 9.21 ap3
SM 7.11P20 Server platform:
  Windows Server 7.11.604 p20
  HP Itanium Server 7.11.604 p20
  HP Parisc Server 7.11.604 p20
  Linux Server 7.11.604 p20
  Solaris Server 7.11.604 p20
  AIX Server 7.11.604 p20
SM 7.11P20 Web Tier:
  Web Tier 7.11.604 p20
SM 7.11AP3 Applications:
  Applications 7.11 ap3
SC6.2.8.12 Server platform:
  AIX Server 6.2.8.12
  HP Itanium Server 6.2.8.12
  HP Parisc Server 6.2.8.12
  Linux Server 6.2.8.12
  Solaris Server 6.2.8.12
  Windows Server 6.2.8.12
SC6.2.8.12 Web Tier:
  Web Tier 6.2.8.12