CVE-2021-26587

🗓️ 27 Sep 2021 14:01:37Reported by hpeType

A potential DOM-based XSS vulnerability in HPE StoreOnce. Update to HPE StoreOnce 4.3.0 to fix

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2021-26587	27 Sep 202118:35	–	circl
CNNVD	Hewlett Packard Enterprise HPE StoreOnce 跨站脚本漏洞	21 Sep 202100:00	–	cnnvd
Cvelist	CVE-2021-26587	27 Sep 202114:01	–	cvelist
EUVD	EUVD-2021-13385	7 Oct 202500:30	–	euvd
NVD	CVE-2021-26587	27 Sep 202115:15	–	nvd
Prion	Cross site scripting	27 Sep 202115:15	–	prion
RedhatCVE	CVE-2021-26587	22 May 202520:40	–	redhatcve

NVD

Node

hpe storeonce_5200_firmwareRange≤4.2.3

AND

hpe storeonce_5200Match-

Node

hpe storeonce_5650_firmwareRange≤4.2.3

AND

hpe storeonce_5650Match-

Node

hpe storeonce_5250_firmwareRange≤4.2.3

AND

hpe storeonce_5250Match-

Node

hpe storeonce_3640_firmwareRange≤4.2.3

AND

hpe storeonce_3640Match-

Node

hpe storeonce_3620_firmwareRange≤4.2.3

AND

hpe storeonce_3620Match-

Node

hpe storeonce_vsa_4tb_firmwareRange≤4.2.3

AND

hpe storeonce_vsa_4tbMatch-

[
  {
    "product": "HPE StoreOnce 3620; HPE StoreOnce 3640; HPE StoreOnce 5200; HPE StoreOnce 5250; HPE StoreOnce 5650; HPE StoreOnce VSA 4TB",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Firmware version: 4.2.3 and earlier"
      },
      {
        "status": "affected",
        "version": "FW version: 4.2.3 and earlier"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpsc/doc/public/display

21 Nov 2024 05:56Current

6.2Medium risk

Vulners AI Score6.2

CVSS 26

CVSS 3.16.5

EPSS0.00304

CWE-79