HP Insight Control Performance Management < 6.3 Multiple Vulnerabilities

Medium Nessus Plugin ID 55749


The remote Windows host contains a management application that is affected by multiple vulnerabilities.


According to its version number, the HP Insight Control Performance Management install on the remote Windows host is affected by multiple vulnerabilities :

- An unspecified vulnerability could allow remote authenticated users to gain elevated privileges.

- A cross-site request forgery vulnerability exists that can be exploited via unknown vectors. (CVE-2011-1545)


Upgrade to HP Insight Control Performance Management 6.3 or later.

See Also


Plugin Details

Severity: Medium

ID: 55749

File Name: hp_insight_performance_mgmt_6_3.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2011/08/01

Modified: 2011/10/24

Dependencies: 55748

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:insight_control_performance_management

Required KB Items: SMB/HP Insight Control Performance Management/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/04/20

Vulnerability Publication Date: 2011/04/20

Reference Information

CVE: CVE-2011-1544, CVE-2011-1545

BID: 47524

OSVDB: 71903, 71904

Secunia: 44216