Lucene search

[email protected]CVE-2004-2580

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2580

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-2580

cross-site scripting

xss

novell ichain

credential theft

remote attack

6.5 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON

Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors.

CPENameOperatorVersion
novell:ichainnovell ichaineq2.3

CPE	Name	Operator	Version
novell:ichain	novell ichain	eq	2.3

References

secunia.com/advisories/12366

securitytracker.com/id?1011074

www.osvdb.org/9267

www.securityfocus.com/bid/11061

exchange.xforce.ibmcloud.com/vulnerabilities/17133

6.5 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

72.1%

JSON