HP Onboard Administrator (OA) versions 3.32 et inf\u00e9rieures.
","content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans HP Onboard\nAdministrator. Ces vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es \u00e0 distance.\nParmi celles-ci se trouvent :\n\n- redirection d'URL ;\n- acc\u00e8s \u00e0 des ressources de fa\u00e7on non-autoris\u00e9e ;\n- r\u00e9v\u00e9lation d'informations de fa\u00e7on non autoris\u00e9e.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-7270","url":"https://www.cve.org/CVERecord?id=CVE-2008-7270"},{"name":"CVE-2012-0130","url":"https://www.cve.org/CVERecord?id=CVE-2012-0130"},{"name":"CVE-2009-3555","url":"https://www.cve.org/CVERecord?id=CVE-2009-3555"},{"name":"CVE-2010-4180","url":"https://www.cve.org/CVERecord?id=CVE-2010-4180"},{"name":"CVE-2012-0129","url":"https://www.cve.org/CVERecord?id=CVE-2012-0129"},{"name":"CVE-2012-0128","url":"https://www.cve.org/CVERecord?id=CVE-2012-0128"}],"links":[],"reference":"CERTA-2012-AVI-186","revisions":[{"description":"version initiale.","revision_date":"2012-04-03T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s pouvant \u00eatre exploit\u00e9es \u00e0 distance ont \u00e9t\u00e9\ncorrig\u00e9es dans HP Onboard Administrator.\n","title":"Vuln\u00e9rabilit\u00e9s dans HP Onboard Administrator","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 HP c03263573 du 02 avril 2012","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03263573"}]}