Lucene search
HistoryDec 31, 2004 - 5:00 a.m.
CVE-2004-2757
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
55.8%
Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter.
Affected configurations
Node
novellichainRange≤2.2
ORnovellichainRange≤2.2sp1
ORnovellichainRange≤2.2sp1a
ORnovellichainRange≤2.2sp2
ORnovellichainRange≤2.2sp3
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.002
Percentile
55.8%
Related for NVD:CVE-2004-2757