CVE-2010-3012

Опубликовано: 17 сент. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.

Ссылки

http://secunia.com/advisories/41480
Vendor Advisory
http://secunia.com/advisories/41490
Vendor Advisory
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
http://secunia.com/advisories/41480
Vendor Advisory
http://secunia.com/advisories/41490
Vendor Advisory
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*

Версия до 6.1 (включая)

cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.0.121:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.2.127:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.4.143:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.5.146:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.5.146:b:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.6.156:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.7.168:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.8.179:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.10.186:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.10.186:b:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.10.186:c:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.11.197:a:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.12-200:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.12.201:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.14.20:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.15-210:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.1.15.210:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.0-68:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.0.64:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.1-73:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.1.73:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.2-77:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.2.77:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:3.0.2.77:b:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:6.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:6.0.0-95:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:6.0.0.96:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:6.1.0-103:*:*:*:*:*:*:*

cpe:2.3:a:hp:system_management_homepage:6.1.0.102:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.0076

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-r4hf-pjfc-h3r3

github

больше 3 лет назад