CVE-2009-4185

Name: CVE-2009-4185
Creator: NVD / NIST
Published: 2010-02-05T22:30:02.327+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.00%

Last modified Jun 16, 2026

CVE-2009-4185 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.. EPSS estimates a 3.00% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.

Metrics

EPSS Probability

3.00%

85.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Hp	System Management Homepage	<= 3.0.2.77
Hp	System Management Homepage	2.0.0
Hp	System Management Homepage	2.0.1
Hp	System Management Homepage	2.0.2
Hp	System Management Homepage	2.1
Hp	System Management Homepage	2.1.0-103
Hp	System Management Homepage	2.1.0-103\(a\)
Hp	System Management Homepage	2.1.0-109
Hp	System Management Homepage	2.1.0-118
Hp	System Management Homepage	2.1.1
Hp	System Management Homepage	2.1.2
Hp	System Management Homepage	2.1.2-127
Hp	System Management Homepage	2.1.3
Hp	System Management Homepage	2.1.3.132
Hp	System Management Homepage	2.1.4
Hp	System Management Homepage	2.1.4-143
Hp	System Management Homepage	2.1.5
Hp	System Management Homepage	2.1.5-146
Hp	System Management Homepage	2.1.6
Hp	System Management Homepage	2.1.6-156
Hp	System Management Homepage	2.1.7
Hp	System Management Homepage	2.1.7-168
Hp	System Management Homepage	2.1.8
Hp	System Management Homepage	2.1.8-177
Hp	System Management Homepage	2.1.9
Hp	System Management Homepage	2.1.9-178
Hp	System Management Homepage	2.1.10
Hp	System Management Homepage	2.1.10-186
Hp	System Management Homepage	2.1.11
Hp	System Management Homepage	2.1.11-197
Hp	System Management Homepage	2.1.12-118
Hp	System Management Homepage	2.1.12-200
Hp	System Management Homepage	2.1.15-210
Hp	System Management Homepage	2.2.6
Hp	System Management Homepage	2.2.8
Hp	System Management Homepage	3.0.0-68
Hp	System Management Homepage	3.0.1.73

References

Timeline

Published: Feb 5, 2010
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-4185?

How severe is CVE-2009-4185?

Severity scoring for CVE-2009-4185 is pending analysis. The EPSS model estimates a 3.00% probability of exploitation in the next 30 days.

How do I fix CVE-2009-4185?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-4185?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST