Lucene search

[email protected]CVE-2014-0611

HistoryJul 22, 2015 - 2:59 p.m.

CVE-2014-0611

2015-07-2214:59:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-0611

xss

novell groupwise

webaccess

security vulnerability

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.066 Low

EPSS

Percentile

93.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
novell:groupwisenovell groupwisele2012
novell:groupwisenovell groupwisele2014

CPE	Name	Operator	Version
novell:groupwise	novell groupwise	le	2012
novell:groupwise	novell groupwise	le	2014

References

www.novell.com/support/kb/doc.php?id=7016653

www.securitytracker.com/id/1032978

bugzilla.novell.com/show_bug.cgi?id=909584

bugzilla.novell.com/show_bug.cgi?id=909586

bugzilla.novell.com/show_bug.cgi?id=909587

bugzilla.novell.com/show_bug.cgi?id=909588

bugzilla.novell.com/show_bug.cgi?id=909590

bugzilla.novell.com/show_bug.cgi?id=930467

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.066 Low

EPSS

Percentile

93.7%

JSON

Related for CVE-2014-0611

checkpoint_advisories1 prion1 nessus2