Lucene search

[email protected]NVD:CVE-2009-0857

HistoryMar 09, 2009 - 9:30 p.m.

CVE-2009-0857

2009-03-0921:30:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.2%

JSON

Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console.

Affected configurations

NVD

Node

sunmanagement_centerMatch3.6.1

AND

sunsolarisMatch8sparc

sunsolarisMatch9sparc

sunsolarisMatch10sparc

Node

sunmanagement_centerMatch4.0

AND

sunsolarisMatch10x86

References

secunia.com/advisories/34146

securitytracker.com/id?1021809

sunsolve.sun.com/search/document.do?assetkey=1-21-125191-04-1

sunsolve.sun.com/search/document.do?assetkey=1-66-247046-1

www.securityfocus.com/bid/33999

www.vupen.com/english/advisories/2009/0605

exchange.xforce.ibmcloud.com/vulnerabilities/49076

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.2%

JSON

Related for NVD:CVE-2009-0857

cve1 nessus6 prion1 cvelist1