CVE-2018-7064

🗓️ 10 May 2019 17:10:32Reported by hpeType

A reflected cross-site scripting (XSS) vulnerability in Aruba Instant web interfac

Reporter	Title	Published	Views	Family All 8
Tenable Nessus	Aruba Instant Web and Siemens SCALANCE W1750D Cross-Site Scripting	4 Jun 201900:00	–	nessus
Tenable Nessus	Siemens SCALANCE W1750D Improper Neutralization of Input During Web Page Generation (CVE-2018-7064)	11 Apr 202300:00	–	nessus
CNVD	ALE Alcatel OmniAccess Wireless Access Point Cross-Site Scripting Vulnerability	6 Mar 201900:00	–	cnvd
Cvelist	CVE-2018-7064	10 May 201917:10	–	cvelist
EUVD	EUVD-2018-18807	7 Oct 202500:30	–	euvd
ICS	ICSA-19-134-07 Siemens SCALANCE W1750D	14 May 201900:00	–	ics
NVD	CVE-2018-7064	10 May 201918:29	–	nvd
Prion	Cross site scripting	10 May 201918:29	–	prion

NVD

Node

arubanetworks aruba_instantRange4.0–4.2.4.12

arubanetworks aruba_instantRange6.5.0–6.5.4.11

arubanetworks aruba_instantRange8.3.0–8.3.0.6

arubanetworks aruba_instantRange8.4.0–8.4.0.1

Node

siemens scalance_w1750d_firmwareRange<8.4.0.1

AND

siemens scalance_w1750dMatch-

[
  {
    "product": "Aruba Instant (IAP)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt
securityfocus	www.securityfocus.com/bid/108374

21 Nov 2024 04:11Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 36.1

EPSS0.0031

CWE-79