CVE-2012-2012

HIGH

Description

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041

Details

Source: MITRE

Published: 2012-06-29

Updated: 2019-10-09

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH