Lucene search

[email protected]CVE-2007-3830

HistoryJul 17, 2007 - 9:30 p.m.

CVE-2007-3830

2007-07-1721:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

xss

vulnerability

alert.php

iss proventia network ips

gx5108

gx5008

remote attackers

web script

html

nvd

6.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to inject arbitrary web script or HTML via the reminder parameter.

CPENameOperatorVersion
ibm:proventia_network_ips_gx5008ibm proventia network ips gx5008eq1.5
ibm:proventia_network_ips_gx5108ibm proventia network ips gx5108eq1.3

CPE	Name	Operator	Version
ibm:proventia_network_ips_gx5008	ibm proventia network ips gx5008	eq	1.5
ibm:proventia_network_ips_gx5108	ibm proventia network ips gx5108	eq	1.3

References

osvdb.org/36475

secunia.com/advisories/25979

www.sybsecurity.com/hack-proventia-1.pdf

www.vupen.com/english/advisories/2007/2545

6.3 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2007-3830

prion1