Lucene search

[email protected]CVE-2015-6549

HistoryOct 06, 2015 - 1:59 a.m.

CVE-2015-6549

2015-10-0601:59:28

CWE-79

[email protected]

web.nvd.nist.gov

cve

2015

6549

cross-site scripting

xss

symantec

netbackup

opscenter

security vulnerability

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.6%

JSON

Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

symantecnetbackup_opscenterRange≤7.7.0

CPENameOperatorVersion
symantec:netbackup_opscentersymantec netbackup opscenterle7.7.0

CPE	Name	Operator	Version
symantec:netbackup_opscenter	symantec netbackup opscenter	le	7.7.0

References

www.securityfocus.com/bid/76896

www.securitytracker.com/id/1033726

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151001_00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.6%

JSON

Related for CVE-2015-6549

cvelist1 prion1 nvd1