Lucene search
HistoryJun 22, 2012 - 10:24 a.m.
CVE-2012-2172
cve-2012-2172
cross-site scripting
xss
ibm
ds storage manager
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.6%
Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote attackers to inject arbitrary web script or HTML via the updateRegn parameter.
Affected configurations
Node
ibmds_storage_manager_host_softwareRange≤10.83
ORibmds_storage_manager_host_softwareMatch10.8
ORibmds_storage_manager_host_softwareMatch10.60.x5.14
ibmds4100
ORibmds4100Match1724
ORibmds4200Match1814
ORibmds4300Match1722
ORibmds4400Match1742
ORibmds4500Match1742
ORibmds4700Match1814
ORibmds4800Match1815
ORibmsystem_storage_dcs3700_storage_subsystemMatch1818
ORibmsystem_storage_ds3200Match1726
ORibmsystem_storage_ds3300Match1726
ORibmsystem_storage_ds3400Match1726
ORibmsystem_storage_ds3512Match1746
ORibmsystem_storage_ds3524Match1746
ORibmsystem_storage_ds3950_expressMatch1814
ORibmsystem_storage_ds5020_disk_controllerMatch1814-20a
ORibmsystem_storage_ds5100_storage_controllerMatch1818
ORibmsystem_storage_ds5300_storage_controllerMatch1818
Related
nvd
nvd
CVE-2012-2172
2012-06-22 10:24:07
prion
prion
Cross site scripting
2012-06-22 10:24:00
cvelist
cvelist
CVE-2012-2172
2012-06-22 10:00:00
packetstorm
packetstorm
IBM System Storage DS Storage Manager Profiler 4.8.6 XSS / SQL Injection
2012-06-21 00:00:00
exploitpack
exploitpack
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
2012-06-21 00:00:00
zeroscience
zeroscience
IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
2012-06-20 00:00:00
exploitdb
exploitdb
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
2012-06-21 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.6%
Related for CVE-2012-2172