Lucene search

[email protected]CVE-2010-4101

HistoryNov 02, 2010 - 2:26 a.m.

CVE-2010-4101

2010-11-0202:26:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-4101

cross-site scripting

xss vulnerability

hp insight recovery

web security

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.9%

JSON

Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
hp:insight_recoveryhp insight recoveryeq6.0
hp:insight_recoveryhp insight recoveryeq1.0
hp:insight_recoveryhp insight recoveryle6.1

CPE	Name	Operator	Version
hp:insight_recovery	hp insight recovery	eq	6.0
hp:insight_recovery	hp insight recovery	eq	1.0
hp:insight_recovery	hp insight recovery	le	6.1

References

secunia.com/advisories/42037

www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02571464

www.securityfocus.com/bid/44545

www.securitytracker.com/id?1024673

www.vupen.com/english/advisories/2010/2830

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.9%

JSON

Related for CVE-2010-4101

prion1 cvelist1 securityvulns2