Lucene search

[email protected]CVE-2006-1574

HistoryApr 01, 2006 - 12:04 a.m.

CVE-2006-1574

2006-04-0100:04:00

[email protected]

web.nvd.nist.gov

cve-2006-1574

cross-site scripting

xss

groupmax

web desktop

scheduler

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Affected configurations

NVD

Node

hitachigroupmax_world_wide_webMatch2

hitachigroupmax_world_wide_webMatch3

hitachigroupmax_world_wide_web_desktop

hitachigroupmax_world_wide_web_desktopMatch5

hitachigroupmax_world_wide_web_desktopMatch6

hitachigroupmax_world_wide_web_desktop_schedulerMatch5

hitachigroupmax_world_wide_web_schedulerMatch2

hitachigroupmax_world_wide_web_schedulerMatch3

CPENameOperatorVersion
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq2
hitachi:groupmax_world_wide_webhitachi groupmax world wide webeq3
hitachi:groupmax_world_wide_web_desktophitachi groupmax world wide web desktopeq*
hitachi:groupmax_world_wide_web_desktophitachi groupmax world wide web desktopeq5
hitachi:groupmax_world_wide_web_desktophitachi groupmax world wide web desktopeq6
hitachi:groupmax_world_wide_web_desktop_schedulerhitachi groupmax world wide web desktop schedulereq5
hitachi:groupmax_world_wide_web_schedulerhitachi groupmax world wide web schedulereq2
hitachi:groupmax_world_wide_web_schedulerhitachi groupmax world wide web schedulereq3

CPE	Name	Operator	Version
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	2
hitachi:groupmax_world_wide_web	hitachi groupmax world wide web	eq	3
hitachi:groupmax_world_wide_web_desktop	hitachi groupmax world wide web desktop	eq	*
hitachi:groupmax_world_wide_web_desktop	hitachi groupmax world wide web desktop	eq	5
hitachi:groupmax_world_wide_web_desktop	hitachi groupmax world wide web desktop	eq	6
hitachi:groupmax_world_wide_web_desktop_scheduler	hitachi groupmax world wide web desktop scheduler	eq	5
hitachi:groupmax_world_wide_web_scheduler	hitachi groupmax world wide web scheduler	eq	2
hitachi:groupmax_world_wide_web_scheduler	hitachi groupmax world wide web scheduler	eq	3

References

secunia.com/advisories/19483

www.hitachi-support.com/security_e/vuls_e/HS06-005_e/index-e.html

www.osvdb.org/24295

www.securityfocus.com/bid/17337

www.vupen.com/english/advisories/2006/1180

exchange.xforce.ibmcloud.com/vulnerabilities/25574

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for CVE-2006-1574

cvelist1 prion1 nvd1