Lucene search
HistoryOct 17, 2013 - 12:55 a.m.
CVE-2013-5376
ibm
storwize
v7000
unified
xss
vulnerability
nvd
security
cross-site scripting
cve-2013-5376
5.2 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
47.2%
Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a “cross frame scripting” attack against an administrative user.
Affected configurations
Node
ibmstorwize_v7000_unified_softwareMatch1.3.0.0
ORibmstorwize_v7000_unified_softwareMatch1.3.2.0
ORibmstorwize_v7000_unified_softwareMatch1.3.2.3
ORibmstorwize_v7000_unified_softwareMatch1.4.0.0
ORibmstorwize_v7000_unified_softwareMatch1.4.0.4
ORibmstorwize_v7000_unified_softwareMatch1.4.1.0
ORibmstorwize_v7000_unified_softwareMatch1.4.1.1
ibmstorwize_v7000_unifiedMatch-
Related
prion
prion
Cross site scripting
2013-10-17 00:55:00
ibm
ibm
cvelist
cvelist
CVE-2013-5376
2013-10-17 00:00:00
nvd
nvd
CVE-2013-5376
2013-10-17 00:55:03
5.2 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
47.2%
Related for CVE-2013-5376