PT-2018-17583 · Hewlett Packard · Hpe Network Automation+1

Publicado

2018-05-22

·

Atualizado

2019-10-09

·

CVE-2018-6492

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions HP Network Operations Management Ultimate versions 2017.07 through 2018.02 HP Network Automation versions 10.00 through 10.50
Description The issue concerns Persistent Cross-Site Scripting and non-persistent HTML Injection. This could be remotely exploited, allowing for persistent cross-site scripting and non-persistent HTML Injection.
Recommendations For HP Network Operations Management Ultimate versions 2017.07 through 2018.02, update to a version that includes the fix for this issue. For HP Network Automation versions 10.00 through 10.50, update to a version that includes the fix for this issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-6492

Produtos afetados

Hpe Network Automation
Hp Network Operations Management Ultimate