PT-2006-5872 · Mercury · Mercury Sitescope

Ozkan Aziz

Publicado

2006-10-02

Atualizado

2018-10-17

CVE-2006-5134

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Mercury SiteScope version 8.1.2.0 Mercury SiteScope version 8.2

Description The issue allows remote authenticated users to cause a denial of service, resulting in a loss of connectivity to the classic interface. This can be achieved via attempted HTML injection into the new monitor description field.

Recommendations For Mercury SiteScope version 8.1.2.0, avoid using the new monitor description field until a fix is available. For Mercury SiteScope version 8.2, restrict access to the new monitor description field to prevent HTML injection attempts until a patch is released.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-5134

Produtos afetados

Mercury Sitescope

PT-2006-5872 · Mercury · Mercury Sitescope

CVE-2006-5134

Identificadores relacionados

Produtos afetados

Referências · 6