Test ID:	1.3.6.1.4.1.25623.1.0.103795
Category:	Web application abuses
Title:	HP Onboard Administrator < 3.50 Multiple Security Vulnerabilities
Summary:	HP Onboard Administrator is prone to multiple security vulnerabilities.
Description:	Summary: HP Onboard Administrator is prone to multiple security vulnerabilities. Vulnerability Insight: HP Onboard Administrator is prone to: 1. A URI-redirection vulnerability 2. An information disclosure vulnerability 3. A security bypass vulnerability Vulnerability Impact: An attacker may exploit these issues to obtain sensitive information, bypass certain security restrictions, and redirect a user to a potentially malicious site. This may aid in phishing attacks. Affected Software/OS: HP Onboard Administrator (OA) versions prior to 3.50. Solution: Update to version 3.50 or later. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0128 BugTraq ID: 52862 http://www.securityfocus.com/bid/52862 HPdes Security Advisory: HPSBMU02759 http://www.securityfocus.com/archive/1/522176 HPdes Security Advisory: SSRT100817 http://www.securitytracker.com/id?1026889 XForce ISS Database: hpoa-unspecified-open-redirect(74575) https://exchange.xforce.ibmcloud.com/vulnerabilities/74575 Common Vulnerability Exposure (CVE) ID: CVE-2012-0129 XForce ISS Database: hpoa-unspecified-unauth-access(74576) https://exchange.xforce.ibmcloud.com/vulnerabilities/74576 Common Vulnerability Exposure (CVE) ID: CVE-2012-0130 XForce ISS Database: hpoa-unspecified-info-disclosure(74577) https://exchange.xforce.ibmcloud.com/vulnerabilities/74577
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.