The host is installed with HP Power Manager and is prone to cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to validate HTTP requests. Successful exploitation could allow remote attackers to steal valid user's cookies and run HTTP requests requiring administrative privilege.