Lucene search

[email protected]NVD:CVE-2011-5184

HistorySep 20, 2012 - 10:55 a.m.

CVE-2011-5184

2012-09-2010:55:28

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156.

Affected configurations

Nvd

Node

hpnetwork_node_manager_iMatch9.10

VendorProductVersionCPE
hpnetwork_node_manager_i9.10cpe:2.3:a:hp:network_node_manager_i:9.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	network_node_manager_i	9.10	cpe:2.3:a:hp:network_node_manager_i:9.10:::::::*

References

0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scripting.html

osvdb.org/77396

osvdb.org/77397

osvdb.org/77398

osvdb.org/77399

osvdb.org/77400

osvdb.org/77401

secunia.com/advisories/46941

www.securityfocus.com/archive/1/520653/100/0/threaded

www.securityfocus.com/bid/50806

exchange.xforce.ibmcloud.com/vulnerabilities/71527

exchange.xforce.ibmcloud.com/vulnerabilities/71528

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

Related for NVD:CVE-2011-5184

cvelist3 prion3 cve3 nvd2 securityvulns2 exploitdb5 checkpoint_advisories2 nessus1