PT-2006-5872 · Mercury · Mercury Sitescope

Ozkan Aziz

Published

2006-10-02

Updated

2018-10-17

CVE-2006-5134

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Mercury SiteScope version 8.1.2.0 Mercury SiteScope version 8.2

Description The issue allows remote authenticated users to cause a denial of service, resulting in a loss of connectivity to the classic interface. This can be achieved via attempted HTML injection into the new monitor description field.

Recommendations For Mercury SiteScope version 8.1.2.0, avoid using the new monitor description field until a fix is available. For Mercury SiteScope version 8.2, restrict access to the new monitor description field to prevent HTML injection attempts until a patch is released.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5134

Affected Products

Mercury Sitescope

PT-2006-5872 · Mercury · Mercury Sitescope

CVE-2006-5134

Related Identifiers

Affected Products

References · 6