首页 -> 安全研究
安全研究
安全漏洞
HP Service Manager身份验证绕过漏洞(CVE-2013-4808)
发布日期:2013-08-15
更新日期:2013-08-16
受影响系统:
HP Service Manager 9.21描述:
HP Service Manager 7.11
BUGTRAQ ID: 61789
CVE(CAN) ID: CVE-2013-4808
HP Service Manager是ITSM的核心软件。
HP Service Manager v9.31, v9.30, v9.21, v7.11存在允许未经身份验证访问和权限提升漏洞,攻击者可利用此漏洞在未经身份验证的情况下访问受影响应用并以提升的权限执行未授权操作。
<*来源:HP
链接:http://seclists.org/bugtraq/2013/Aug/120
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03888320
*>
建议:
厂商补丁:
HP
--
HP已经为此发布了一个安全公告(HPSBMU02915)以及相应补丁:
HPSBMU02915:HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege
链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03888320
补丁下载:
SM 9.31P2 Server platform
Patch URL
Windows Server 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423
HP Itanium Server 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420
Linux Server 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421
Solaris Server 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422
AIX Server 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419
SM 9.31P2 Web Tier
Patch URL
Web Tier 9.31.2004 p2
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424
SM 9.30P5 Server platform
Patch URL
Windows Server 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00351
HP Itanium Server 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00348
Linux Server 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00349
Solaris Server 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00350
AIX Server 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00347
SM 9.30P5 Web Tier
Patch URL
Web Tier 9.30.511 p5
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00352
SM 9.30AP3 Applications
Patch URL
Applications 9.30 ap3
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00367
SM 9.21P7 Server platform
Patch URL
Windows Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00434
HP Itanium Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00430
HP Parisc Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00431
Linux Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00432
Solaris Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00433
AIX Server 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00429
SM 9.21P7 Web Tier
Patch URL
Web Tier 9.21.624 p7
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00435
SM 9.21AP3 Applications
Patch URL
Applications 9.21 ap3
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00393
SM 7.11P20 Server platform
Patch URL
Windows Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00408
HP Itanium Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00404
HP Parisc Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00405
Linux Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00406
Solaris Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00407
AIX Server 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00403
SM 7.11P20 Web Tier
Patch URL
Web Tier 7.11.604 p20
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00409
SM 7.11AP3 Applications
Patch URL
Applications 7.11 ap3
http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00383
SC6.2.8.12 Server platform
Patch URL
Aix Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00263
HP Itanium Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00264
HP parisc Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00265
Linux Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00266
Solaris Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00267
Windows Server 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00268
SC6.2.8.12 Web Tier
Patch URL
Web Tier 6.2.8.12
http://support.openview.hp.com/selfsolve/document/LID/HPSC_00269
浏览次数:3628
严重程度:0(网友投票)
绿盟科技给您安全的保障