Lucene search

MitreCVE-2014-4189

HistoryJun 17, 2014 - 2:55 p.m.

CVE-2014-4189

2014-06-1714:55:08

CWE-79

mitre

web.nvd.nist.gov

cve-2014-4189

cross-site scripting

xss

hitachi tuning manager

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

hitachijp1\/performance_management-manager_web_optionMatch07-00solaris

hitachijp1\/performance_management-manager_web_optionMatch07-00windows

hitachijp1\/performance_management-manager_web_optionMatch07-54solaris

hitachijp1\/performance_management-manager_web_optionMatch07-54windows

hitachituning_managerMatch6.0.0solaris

hitachituning_managerMatch6.0.0windows

hitachituning_managerMatch7.1.0linux_kernel

hitachituning_managerMatch7.6.1solaris

hitachituning_managerMatch7.6.105solaris

hitachituning_managerMatch8.0.0linux_kernel

hitachituning_managerMatch8.0.0windows

hitachituning_managerMatch8.0.003linux_kernel

hitachituning_managerMatch8.0.003windows

VendorProductVersionCPE
hitachijp1\/performance_management-manager_web_option07-00cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:*:*:*:*:solaris:*:*
hitachijp1\/performance_management-manager_web_option07-00cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:*:*:*:*:windows:*:*
hitachijp1\/performance_management-manager_web_option07-54cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:*:*:*:*:solaris:*:*
hitachijp1\/performance_management-manager_web_option07-54cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:*:*:*:*:windows:*:*
hitachituning_manager6.0.0cpe:2.3:a:hitachi:tuning_manager:6.0.0:*:*:*:*:solaris:*:*
hitachituning_manager6.0.0cpe:2.3:a:hitachi:tuning_manager:6.0.0:*:*:*:*:windows:*:*
hitachituning_manager7.1.0cpe:2.3:a:hitachi:tuning_manager:7.1.0:*:*:*:*:linux_kernel:*:*
hitachituning_manager7.6.1cpe:2.3:a:hitachi:tuning_manager:7.6.1:*:*:*:*:solaris:*:*
hitachituning_manager7.6.1cpe:2.3:a:hitachi:tuning_manager:7.6.1:05:*:*:*:solaris:*:*
hitachituning_manager8.0.0cpe:2.3:a:hitachi:tuning_manager:8.0.0:*:*:*:*:linux_kernel:*:*

Vendor	Product	Version	CPE
hitachi	jp1\/performance_management-manager_web_option	07-00	cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:::::solaris::
hitachi	jp1\/performance_management-manager_web_option	07-00	cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-00:::::windows::
hitachi	jp1\/performance_management-manager_web_option	07-54	cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:::::solaris::
hitachi	jp1\/performance_management-manager_web_option	07-54	cpe:2.3:a:hitachi:jp1\/performance_management-manager_web_option:07-54:::::windows::
hitachi	tuning_manager	6.0.0	cpe:2.3:a:hitachi:tuning_manager:6.0.0:::::solaris::
hitachi	tuning_manager	6.0.0	cpe:2.3:a:hitachi:tuning_manager:6.0.0:::::windows::
hitachi	tuning_manager	7.1.0	cpe:2.3:a:hitachi:tuning_manager:7.1.0:::::linux_kernel::
hitachi	tuning_manager	7.6.1	cpe:2.3:a:hitachi:tuning_manager:7.6.1:::::solaris::
hitachi	tuning_manager	7.6.1	cpe:2.3:a:hitachi:tuning_manager:7.6.1:05::::solaris::*
hitachi	tuning_manager	8.0.0	cpe:2.3:a:hitachi:tuning_manager:8.0.0:::::linux_kernel::

Rows per page:

1-10 of 131

References

secunia.com/advisories/58528

secunia.com/advisories/58899

www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html

www.securityfocus.com/bid/68015

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Related for CVE-2014-4189