Home
MEDIUM: 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:NDefault status
unknown
Any version before 9.50
affected
Default status
unknown
Any version before 8.6.0
affected
Default status
unknown
Any version before 9.5.0
affected
Description
Malicious use of a stolen cookie might allow modifications to the contents of the IP phone’s webpage.
Problem types
CWE-352 Cross-Site request forgery (CSRF)
Product status
Any version before 9.50
Any version before 8.6.0
Any version before 9.5.0
References
support.hp.com/...ument/ish_15255241-15255270-16/hpsbpy04109