PT-2011-2248 · Hewlett Packard · Hp Business Availability Center+1

Daniel Frye

·

Publicado

2011-01-24

·

Atualizado

2017-08-17

·

CVE-2011-0274

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions HP Business Availability Center (BAC) versions 7.x through 7.55 HP Business Availability Center (BAC) versions 8.x through 8.05 HP Business Service Management (BSM) versions prior to 9.01
Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This could potentially lead to unauthorized access or control of user sessions.
Recommendations For HP Business Availability Center (BAC) versions 7.x through 7.55, update to a version later than 7.55. For HP Business Availability Center (BAC) versions 8.x through 8.05, update to a version later than 8.05. For HP Business Service Management (BSM) versions prior to 9.01, update to version 9.01 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2011-0274

Produtos afetados

Hp Business Availability Center
Hp Business Service Management