Lucene search

[email protected]CVE-2017-12544

HistoryFeb 15, 2018 - 10:29 p.m.

CVE-2017-12544

2018-02-1522:29:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2017-12544

cross-site scripting

hpe system management homepage

windows

linux

nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.967 High

EPSS

Percentile

99.7%

JSON

A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

CPENameOperatorVersion
hp:system_management_homepagehp system management homepagelt7.6.1

CPE	Name	Operator	Version
hp:system_management_homepage	hp system management homepage	lt	7.6.1

References

www.securityfocus.com/bid/101029

www.securitytracker.com/id/1039437

support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.967 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2017-12544

checkpoint_advisories2 packetstorm2 nuclei1 prion1 nessus1 openvas1