漏洞类别:Web server
漏洞等级: 
漏洞信息
The HP System Management Homepage (SMH) is a web-based interface that consolidates the management of ProLiant and Integrity servers running Microsoft Windows or Linux, or HP 9000 and HP Integrity servers running HP-UX 11i.
Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information.
Affected Versions:
HPE System Management Homepage versions prior to v7.6.0
漏洞危害
Depending on the vulnerability being exploited, an attacker could conduct man-in-the-middle (MITM) attacks, execute arbitrary code, cause a Denial of Service (DoS) condition, or gain unauthorized access to sensitive information.
解决方案
Customers are advised to upgrade to HP SMH v7.6.0 or later to remediate these vulnerabilities.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论