HP 2620 switches are vulnerable to a cross-site request forgery vulnerability, which could allow attackers to execute arbitrary administrative actions if a user clicked on a malicious link from the attacker.
HP 2620 Switch Series RA 15.05.0006 and possibly other versions
Cross-Site Request Forgery
Exploitation of this vulnerability is possible via forged HTML forms, sent to a victim through a number of different attack vectors (including malicious links). Attackers who successfully exploit this vulnerability may be able execute administrative actions.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 32339 - HP 2620 Switch Series Cross-Site Request Forgery (20140109) (Zero-Day)
No mitigations are currently available.