Description: | | An information disclosure vulnerability exists in HP SiteScope. The vulnerability is due to an access control weakness resulting in the disclosure of file contents on the target system via several SOAP requests. An unauthenticated remote attacker can exploit this vulnerability by sending malicious SOAP requests to the target server to view the contents of an arbitrary file. A successful exploitation attempt could result in the disclosure of information of any file on the target system, which can be used by a future attack. |