HP Service Center, HP Service Manager

ソフト名：HP Service Center/Center client v6.2.8(AIX, HP-UX, Linux, Solaris, Windows), HP Service Manager/Manager client v7.02/v7.11/v9.21/v9.20(AIX, HP-UX, Linux, Solaris, Windows)

回避策：HPSBMA02674 SSRT100487にて対応

脆弱性：セッションの乗っ取り, セキュリティ制限の回避, XSS, 機密情報の奪取, スクリプト挿入攻撃, 不特定のエラー, 不正アクセス, キャッシュ汚染, 不正HTMLの実行, スクリプトコード実行

ソース：http://h10076.www1.hp.com/education/hpsw/ov_service_center_6x.htm

http://www8.hp.com/us/en/software/software-product.html?compURI=tcm:245-937082

https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02863015

http://secunia.com/advisories/44836/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1857

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1858

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1859

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1860

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1861

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1863

CVE：CVE-2011-1857, CVE-2011-1858, CVE-2011-1859, CVE-2011-1860, CVE-2011-1861, CVE-2011-1862, CVE-2011-1863

危険性：Medium Risk