APP: HP SiteScope SOAP Call APIPreferenceImpl Multiple Security Bypass
This signature detects attempts to exploit a known vulnerability against HP SiteScope. A successful attack can lead to unauthorized information disclosure.
Extended Description
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.
Affected Products
Hp sitescope
References
CVE: CVE-2012-3261
URL: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683 https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03489683 http://www.zerodayinitiative.com/advisories/zdi-12-175/ http://www.zerodayinitiative.com/advisories/zdi-12-178/ http://securitytracker.com/id?1027547
Short Name
APP:MISC:HP-SITESCOPE-SOAP
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
APIPreferenceImpl Bypass CVE-2012-3261 Call HP Multiple SOAP Security SiteScope bid:55269 bid:55273
Release Date
01/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0