CVE-2012-3260

critical

Published 2012-09-25 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: hp-security-alert@hp.com — http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683

Application impact

Vendor	Product	Versions
hp	sitescope	`11.10`
hp	sitescope	`11.11`
hp	sitescope	`11.12`

References

http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683
http://marc.info/?l=bugtraq&m=134825051608877&w=2
http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03489683
http://marc.info/?l=bugtraq&m=134825051608877&w=2

Verify integrity in audit chain (admin only). AS-IS.