CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
75.1%
Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachi | jp1-hicommand_device_manager | 02_30 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:02_30:*:solaris:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 02_30 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:02_30:*:windows:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_00 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_00:*:solaris:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_00 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_00:*:windows:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_10 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_10:*:linux:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_50 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_50:*:linux:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_50 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_50:*:solaris:*:*:*:*:* |
hitachi | jp1-hicommand_device_manager | 05_50 | cpe:2.3:a:hitachi:jp1-hicommand_device_manager:05_50:*:windows:*:*:*:*:* |
hitachi | jp1-hicommand_global_link_availability_manager | 05_00 | cpe:2.3:a:hitachi:jp1-hicommand_global_link_availability_manager:05_00:*:windows:*:*:*:*:* |
hitachi | jp1-hicommand_replication_monitor | 04_00 | cpe:2.3:a:hitachi:jp1-hicommand_replication_monitor:04_00:*:solaris:*:*:*:*:* |