Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-9781
HistoryJun 21, 2017 - 6:29 p.m.

CVE-2017-9781

2017-06-2118:29:00
CWE-79
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

59.8%

JSON

A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject arbitrary HTML or JavaScript via the _username parameter when attempting authentication to webapi.py, which is returned unencoded with content type text/html.

Affected configurations

NVD
Node
check_mk_projectcheck_mkMatch1.4.0
OR
check_mk_projectcheck_mkMatch1.4.0p1
OR
check_mk_projectcheck_mkMatch1.4.0p2
OR
check_mk_projectcheck_mkMatch1.4.0p3
OR
check_mk_projectcheck_mkMatch1.4.0p4
OR
check_mk_projectcheck_mkMatch1.4.0p5

Related

cvelist 1
cve 1
ubuntucve 1
prion 1
osv 3
nessus 3
ubuntu 2
openvas 2
cvelist
cvelist
CVE-2017-9781
2017-06-21 18:00:00
cve
cve
CVE-2017-9781
2017-06-21 18:29:00
ubuntucve
ubuntucve
CVE-2017-9781
2017-06-21 00:00:00
prion
prion
Cross site scripting
2017-06-21 18:29:00
osv
osv
CVE-2017-9781
2017-06-21 18:29:00
check-mk vulnerabilities
2022-07-20 08:36:48
check-mk vulnerabilities
2022-07-20 10:26:46
nessus
nessus
Check_MK < 1.4.0p6 webapi.py XSS
2017-06-28 00:00:00
Ubuntu 16.04 ESM : Checkmk vulnerabilities (USN-5527-2)
2023-10-23 00:00:00
Ubuntu 18.04 LTS : Checkmk vulnerabilities (USN-5527-1)
2022-07-20 00:00:00
ubuntu
ubuntu
Checkmk vulnerabilities
2022-07-20 00:00:00
Checkmk vulnerabilities
2022-07-20 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5527-2)
2023-01-27 00:00:00
Ubuntu: Security Advisory (USN-5527-1)
2022-07-21 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

59.8%

JSON
Related for NVD:CVE-2017-9781
cvelist1cve1ubuntucve1prion1osv3nessus3ubuntu2openvas2