Lucene search
HistoryAug 16, 2013 - 1:55 a.m.
CVE-2013-4007
cve-2013-4007
cross-site scripting
xss vulnerability
adv_sw.php
ibm bladecenter amm
firmware bbet
firmware bpet
remote attackers
web script injection
html injection
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.4%
Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
ibmadvanced_management_moduleRange≤2.48l
ORibmadvanced_management_moduleRange≤3.54g
ORibmadvanced_management_moduleMatch1.00
ORibmadvanced_management_moduleMatch1.01
ORibmadvanced_management_moduleMatch1.20
ORibmadvanced_management_moduleMatch1.20f
ORibmadvanced_management_moduleMatch1.25
ORibmadvanced_management_moduleMatch1.25e
ORibmadvanced_management_moduleMatch1.25i
ORibmadvanced_management_moduleMatch1.26b
ORibmadvanced_management_moduleMatch1.26e
ORibmadvanced_management_moduleMatch1.26h
ORibmadvanced_management_moduleMatch1.26i
ORibmadvanced_management_moduleMatch1.26k
ORibmadvanced_management_moduleMatch1.28g
ORibmadvanced_management_moduleMatch1.32d
ORibmadvanced_management_moduleMatch1.34b
ORibmadvanced_management_moduleMatch1.34e
ORibmadvanced_management_moduleMatch1.36d
ORibmadvanced_management_moduleMatch1.36g
ORibmadvanced_management_moduleMatch1.36h
ORibmadvanced_management_moduleMatch1.36k
ORibmadvanced_management_moduleMatch1.42d
ORibmadvanced_management_moduleMatch1.42f
ORibmadvanced_management_moduleMatch1.42i
ORibmadvanced_management_moduleMatch1.42n
ORibmadvanced_management_moduleMatch1.42o
ORibmadvanced_management_moduleMatch1.42t
ORibmadvanced_management_moduleMatch2.46c
ORibmadvanced_management_moduleMatch2.46j
ORibmadvanced_management_moduleMatch2.48c
ORibmadvanced_management_moduleMatch2.48d
ORibmadvanced_management_moduleMatch2.48g
ORibmadvanced_management_moduleMatch2.48n
ORibmadvanced_management_moduleMatch2.50c
ORibmadvanced_management_moduleMatch2.50g
ORibmadvanced_management_moduleMatch2.50k
ORibmadvanced_management_moduleMatch2.50p
ORibmadvanced_management_moduleMatch3.54d
ibmbladecenterMatchhs22
ORibmbladecenterMatchhs22v
ORibmbladecenterMatchhs23
ORibmbladecenterMatchhs23e
ORibmbladecenterMatchhx5
Related
ibm
ibm
cvelist
cvelist
CVE-2013-4007
2013-08-16 01:00:00
nvd
nvd
CVE-2013-4007
2013-08-16 01:55:16
prion
prion
Cross site scripting
2013-08-16 01:55:00
packetstorm
packetstorm
IBM Advanced Management Module Cross Site Scripting
2013-08-12 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.4%
Related for CVE-2013-4007