PT-2011-2867 · F Secure+2 · F-Secure Policy Manager+2
Publicado
2011-02-25
·
Atualizado
2017-08-17
·
CVE-2011-1102
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
F-Secure Policy Manager versions 7.x through 9.00 before hotfix 4 on Windows and hotfix 2 on Linux
F-Secure Policy Manager version 8.00 before hotfix 2
F-Secure Policy Manager version 8.1x before hotfix 3 on Windows and hotfix 2 on Linux
Description
A cross-site scripting (XSS) issue exists in the WebReporting module, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For F-Secure Policy Manager versions 7.x, apply hotfix 2 or later to resolve the issue.
For F-Secure Policy Manager version 8.00, apply hotfix 2 or later to resolve the issue.
For F-Secure Policy Manager version 8.1x on Windows, apply hotfix 3 or later to resolve the issue.
For F-Secure Policy Manager version 8.1x on Linux, apply hotfix 2 or later to resolve the issue.
For F-Secure Policy Manager version 9.00 on Windows, apply hotfix 4 or later to resolve the issue.
For F-Secure Policy Manager version 9.00 on Linux, apply hotfix 2 or later to resolve the issue.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
F-Secure Policy Manager
Linux
Windows