Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-4939
cve-2012-4939
cross-site scripting
xss vulnerability
ipam
solarwinds
nvd
web interface
remote attackers
security issue
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.161 Low
EPSS
Percentile
96.0%
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the “Search for an IP address” field.
Affected configurations
Node
solarwindsip_address_manager_web_interfaceRange≤3.0
ORsolarwindsorion_network_performance_monitorMatch-
ORsolarwindsorion_network_performance_monitorMatch10.0
ORsolarwindsorion_network_performance_monitorMatch10.1
ORsolarwindsorion_network_performance_monitorMatch10.1.13.0
ORsolarwindsorion_network_performance_monitorMatch10.2
ORsolarwindsorion_network_performance_monitorMatch10.2.1
ORsolarwindsorion_network_performance_monitorMatch10.2.2
ORsolarwindsorion_network_performance_monitorMatch10.3
ORsolarwindsorion_network_performance_monitorMatch10.3.1
References
Related
checkpoint_advisories
checkpoint_advisories
SolarWinds Orion IPAM Reflected Cross-site Scripting (CVE-2012-4939)
2012-12-31 00:00:00
seebug
seebug
prion
prion
Cross site scripting
2012-10-31 19:55:00
cvelist
cvelist
CVE-2012-4939
2022-10-03 16:15:34
cert
cert
SolarWinds Orion IPAM web interface reflected xss vulnerability
2012-10-31 00:00:00
nvd
nvd
CVE-2012-4939
2012-10-31 19:55:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.161 Low
EPSS
Percentile
96.0%
Related for CVE-2012-4939