VIR Vulnerability Intelligence Relay

CVE-2012-2012

critical
Published 2012-06-29 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
10.0

Description

HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact
linux Linux kernel Fixed 1 release
VersionStatusFixed in
โ€” Not affected โ€”

Application impact
VendorProductVersionsFixed
hp hpsystem_management_homepage{"endIncluding":"7.1.0-16"}
hp hpsystem_management_homepage2.0.0
hp hpsystem_management_homepage2.0.1
hp hpsystem_management_homepage2.0.1.104
hp hpsystem_management_homepage2.0.2
hp hpsystem_management_homepage2.0.2.106
hp hpsystem_management_homepage2.1
hp hpsystem_management_homepage2.1.0-103
hp hpsystem_management_homepage2.1.0-103\(a\)
hp hpsystem_management_homepage2.1.0-109
hp hpsystem_management_homepage2.1.0-118
hp hpsystem_management_homepage2.1.0.121
hp hpsystem_management_homepage2.1.1
hp hpsystem_management_homepage2.1.2
hp hpsystem_management_homepage2.1.2-127
hp hpsystem_management_homepage2.1.2.127
hp hpsystem_management_homepage2.1.3
hp hpsystem_management_homepage2.1.3.132
hp hpsystem_management_homepage2.1.4
hp hpsystem_management_homepage2.1.4-143
hp hpsystem_management_homepage2.1.4.143
hp hpsystem_management_homepage2.1.5
hp hpsystem_management_homepage2.1.5-146
hp hpsystem_management_homepage2.1.5.146
hp hpsystem_management_homepage2.1.6
hp hpsystem_management_homepage2.1.6-156
hp hpsystem_management_homepage2.1.6.156
hp hpsystem_management_homepage2.1.7
hp hpsystem_management_homepage2.1.7-168
hp hpsystem_management_homepage2.1.7.168
hp hpsystem_management_homepage2.1.8
hp hpsystem_management_homepage2.1.8-177
hp hpsystem_management_homepage2.1.8.179
hp hpsystem_management_homepage2.1.9
hp hpsystem_management_homepage2.1.9-178
hp hpsystem_management_homepage2.1.10
hp hpsystem_management_homepage2.1.10-186
hp hpsystem_management_homepage2.1.10.186
hp hpsystem_management_homepage2.1.11
hp hpsystem_management_homepage2.1.11-197
hp hpsystem_management_homepage2.1.11.197
hp hpsystem_management_homepage2.1.12-118
hp hpsystem_management_homepage2.1.12-200
hp hpsystem_management_homepage2.1.12.201
hp hpsystem_management_homepage2.1.14
hp hpsystem_management_homepage2.1.14.20
hp hpsystem_management_homepage2.1.15
hp hpsystem_management_homepage2.1.15-210
hp hpsystem_management_homepage2.1.15.210
hp hpsystem_management_homepage2.2.6
hp hpsystem_management_homepage2.2.8
hp hpsystem_management_homepage3.0.0
hp hpsystem_management_homepage3.0.0-68
hp hpsystem_management_homepage3.0.0.64
hp hpsystem_management_homepage3.0.1
hp hpsystem_management_homepage3.0.1-73
hp hpsystem_management_homepage3.0.1.73
hp hpsystem_management_homepage3.0.2
hp hpsystem_management_homepage3.0.2-77
hp hpsystem_management_homepage3.0.2.77
hp hpsystem_management_homepage6.0
hp hpsystem_management_homepage6.0.0-95
hp hpsystem_management_homepage6.0.0.96
hp hpsystem_management_homepage6.1
hp hpsystem_management_homepage6.1.0-103
hp hpsystem_management_homepage6.1.0.102
hp hpsystem_management_homepage6.2.0
hp hpsystem_management_homepage6.2.2.7
hp hpsystem_management_homepage6.3.0
hp hpsystem_management_homepage6.3.1
hp hpsystem_management_homepage7.0

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.