CVE-2011-0277 Information

Description

Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.

Reference

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131 http://osvdb.org/70836 http://secunia.com/advisories/43058 http://www.securityfocus.com/bid/46258 http://www.securitytracker.com/id?1025032