Lucene search

K
cveRedhatCVE-2012-1114
HistoryDec 05, 2019 - 9:15 p.m.

CVE-2012-1114

2019-12-0521:15:11
CWE-79
redhat
web.nvd.nist.gov
44
security
vulnerability
xss
ldap
lam
pro 3.6
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.009

Percentile

82.5%

A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.

Affected configurations

Nvd
Vulners
Node
ldap-account-managerldap_account_managerMatch3.6pro
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
fedoraprojectfedoraMatch16
OR
fedoraprojectfedoraMatch17
OR
fedoraprojectfedoraMatch18
VendorProductVersionCPE
ldap-account-managerldap_account_manager3.6cpe:2.3:a:ldap-account-manager:ldap_account_manager:3.6:*:*:*:pro:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
fedoraprojectfedora16cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
fedoraprojectfedora17cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
fedoraprojectfedora18cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "LDAP Account Manager (LAM)",
    "vendor": "ldap-account-manager",
    "versions": [
      {
        "status": "affected",
        "version": "3.6"
      }
    ]
  }
]

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.009

Percentile

82.5%