‘HP Insight Control Performance Management Privilege Elevation and Cross Site Request Forgery Vulnerabilities’
‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02748970‘
* HP Insight Control performance management prior to v6.3
* HP Insight Control performance management v6.3 or subsequent
Potential security vulnerabilities have been identified in HP Insight Control performance management for Windows. The vulnerabilities could be exploited remotely resulting in privilege elevation and cross site request forgery (CSRF).
The HP Insight Control performance management updates are contained on Insight Software DVD images. These DVD images are available here:
Version: 1 (rev.1) – 20 April 2011 Initial release’