Lucene search

[email protected]CVE-2010-3994

HistoryOct 28, 2010 - 8:00 p.m.

CVE-2010-3994

2010-10-2820:00:03

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-3994

cross-site scripting

xss

hp version control repository manager

vcrm

vulnerability

remote attackers

web script

html.

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

hphpMatchversion_control_repository_manager6.0

hpversion_control_repository_managerRange≤6.1.2

hpversion_control_repository_managerMatch1.0.1288.1

hpversion_control_repository_managerMatch1.0.2241.0

hpversion_control_repository_managerMatch1.0.2289.0

hpversion_control_repository_managerMatch1.0.2345.0

hpversion_control_repository_managerMatch1.0.3085.0

hpversion_control_repository_managerMatch1.0.3086.0

hpversion_control_repository_managerMatch2.0.0.50

hpversion_control_repository_managerMatch2.0.1.30

hpversion_control_repository_managerMatch2.1.1.710

hpversion_control_repository_managerMatch2.1.1.720

hpversion_control_repository_managerMatch6.0.1

hpversion_control_repository_managerMatch6.0.2

hpversion_control_repository_managerMatch6.1

CPENameOperatorVersion
hp:hphpeqversion_control_repository_manager
hp:version_control_repository_managerhp version control repository managerle6.1.2
hp:version_control_repository_managerhp version control repository managereq1.0.1288.1
hp:version_control_repository_managerhp version control repository managereq1.0.2241.0
hp:version_control_repository_managerhp version control repository managereq1.0.2289.0
hp:version_control_repository_managerhp version control repository managereq1.0.2345.0
hp:version_control_repository_managerhp version control repository managereq1.0.3085.0
hp:version_control_repository_managerhp version control repository managereq1.0.3086.0
hp:version_control_repository_managerhp version control repository managereq2.0.0.50
hp:version_control_repository_managerhp version control repository managereq2.0.1.30

CPE	Name	Operator	Version
hp:hp	hp	eq	version_control_repository_manager
hp:version_control_repository_manager	hp version control repository manager	le	6.1.2
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.1288.1
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.2241.0
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.2289.0
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.2345.0
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.3085.0
hp:version_control_repository_manager	hp version control repository manager	eq	1.0.3086.0
hp:version_control_repository_manager	hp version control repository manager	eq	2.0.0.50
hp:version_control_repository_manager	hp version control repository manager	eq	2.0.1.30

Rows per page:

1-10 of 151

References

marc.info/?l=bugtraq&m=128811016023086&w=2

osvdb.org/68907

secunia.com/advisories/41998

securitytracker.com/id?1024644

www.securityfocus.com/bid/44431

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

Related for CVE-2010-3994

securityvulns2 prion1 nvd1 cvelist1