{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<p>HP Insight Management Agents pour  Windows Server versions ant\u00e9rieures \u00e0 9.0.0.0.</p>","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-2004","url":"https://www.cve.org/CVERecord?id=CVE-2012-2004"},{"name":"CVE-2012-2006","url":"https://www.cve.org/CVERecord?id=CVE-2012-2006"},{"name":"CVE-2012-2003","url":"https://www.cve.org/CVERecord?id=CVE-2012-2003"},{"name":"CVE-2012-2005","url":"https://www.cve.org/CVERecord?id=CVE-2012-2005"}],"links":[],"reference":"CERTA-2012-AVI-247","revisions":[{"description":"version initiale.","revision_date":"2012-05-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Redirection d'url"},{"description":"Injection de code indirecte \u00e0 distance"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s non sp\u00e9cifi\u00e9es ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">HP Insight Management Agents</span>. Elles permettent\nd'injecter des requ\u00eates ill\u00e9gitimes par rebond (CSRF, CVE-2012-2003), de\nrediriger des URLs vers un site arbitraire (CVE-2012-2004), d'injecter\nindirectement du code \u00e0 distance (XSS, CVE-2012-2005) ou de causer un\nd\u00e9ni de service (CVE-2012-2006).\n","title":"Vuln\u00e9rabilit\u00e9s dans HP Insight Management Agents","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 HP c03301267 du 01 mai 2012","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03301267"}]}