Lucene search

K
cve[email protected]CVE-2015-0513
HistoryJan 21, 2015 - 3:17 p.m.

CVE-2015-0513

2015-01-2115:17:11
CWE-79
web.nvd.nist.gov
18
cve-2015-0513
cross-site scripting
xss
emc m&r
vipr srm
security vulnerability

5.2 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

34.6%

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafted values of unspecified fields.

Affected configurations

NVD
Node
emcwatch4netRange6.5
Node
emcvipr_srmRange3.6.0
CPENameOperatorVersion
emc:watch4netemc watch4netle6.5

5.2 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

34.6%