Lucene search

[email protected]CVE-2011-0552

HistoryOct 02, 2011 - 2:53 a.m.

CVE-2011-0552

2011-10-0202:53:33

CWE-79

[email protected]

web.nvd.nist.gov

symantec

im manager

xss

vulnerabilities

management console

nvd

cve-2011-0552

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.155 Low

EPSS

Percentile

95.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2) nav or (3) menuitem parameter to IMManager/Admin/IMAdminTOC_simple.asp, or the (4) action parameter to IMManager/Admin/IMAdminEdituser.asp.

Affected configurations

NVD

Node

symantecim_managerRange≤8.4.17

symantecim_managerMatch6.0

symantecim_managerMatch6.5

symantecim_managerMatch7.0

symantecim_managerMatch7.5

symantecim_managerMatch8.3

symantecim_managerMatch8.4.0

symantecim_managerMatch8.4.1

symantecim_managerMatch8.4.2

symantecim_managerMatch8.4.5

symantecim_managerMatch8.4.6

symantecim_managerMatch8.4.7

symantecim_managerMatch8.4.8

symantecim_managerMatch8.4.9

symantecim_managerMatch8.4.10

symantecim_managerMatch8.4.11

symantecim_managerMatch8.4.12

symantecim_managerMatch8.4.13

symantecim_managerMatch8.4.15

symantecim_managerMatch8.4.16

CPENameOperatorVersion
symantec:im_managersymantec im managerle8.4.17
symantec:im_managersymantec im managereq6.0
symantec:im_managersymantec im managereq6.5
symantec:im_managersymantec im managereq7.0
symantec:im_managersymantec im managereq7.5
symantec:im_managersymantec im managereq8.3
symantec:im_managersymantec im managereq8.4.0
symantec:im_managersymantec im managereq8.4.1
symantec:im_managersymantec im managereq8.4.2
symantec:im_managersymantec im managereq8.4.5

CPE	Name	Operator	Version
symantec:im_manager	symantec im manager	le	8.4.17
symantec:im_manager	symantec im manager	eq	6.0
symantec:im_manager	symantec im manager	eq	6.5
symantec:im_manager	symantec im manager	eq	7.0
symantec:im_manager	symantec im manager	eq	7.5
symantec:im_manager	symantec im manager	eq	8.3
symantec:im_manager	symantec im manager	eq	8.4.0
symantec:im_manager	symantec im manager	eq	8.4.1
symantec:im_manager	symantec im manager	eq	8.4.2
symantec:im_manager	symantec im manager	eq	8.4.5