A security flaw has been discovered and fixed in the HP ProLiant SL Advanced Power Manager package that allows local attackers to bypass certain security restrictions.
Package:
HP ProLiant SL Advanced Power Manager
Operating systems:
Microsoft Windows Server 2003, Microsoft Windows Server 2008, Red Hat Enterprise Linux 5, SUSE Linux Enterprise Server (SLES) 10, SUSE Linux Enterprise Server (SLES) 11, VMware ESX Server 4.x, VMware ESXi 4.x
Criticality:
7.8
Problem:
unspecified error
Exploitation:
local
Impact:
bypass of imposed restrictions
Solution:
vendor patch
CVE:
CVE-2011-2405
Original advisory ID:
SA45521
Source:
Secunia
Problem:
The security issue is caused by an unspecified error.
Impact:
A local attacker can exploit the vulnerability to bypass certain security restrictions.
Solution:
All users are advised to install the latest version of the software package.
HP ProLiant SL Advanced Power Manager User Validation Security Bypass Vulnerability
Secunia Advisory SA45521
Release Date 2011-08-10
Criticality level Less critical
Impact Security Bypass
Where From local network
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Operating System
HP ProLiant SL Advanced Power Manager
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2011-2405 CVSS available in Customer Area
Description
A vulnerability has been reported in HP ProLiant SL Advanced Power Manager, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an unspecified error and can be exploited to validate a user.
The vulnerability is reported in firmware versions 1.10 and 1.11. Please see the vendor's advisory for a list of affected servers.
Solution
Update to firmware version 1.20 or later.
Provided and/or discovered by
Reported by the vendor.
Original Advisory
HPSBHF02699 SSRT100592:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0295084