CVE-2010-0152

Name of the Vulnerable Software and Affected Versions IBM Proventia Network Mail Security System appliance versions prior to 2.5.0.2

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via various parameters, including date1 to "pvm messagestore.php", userfilter to "pvm user management.php", ping to "sys tools.php" in a "sys ping.php" action, action to "pvm cert commaction.php", action to "pvm cert serveraction.php", action to "pvm smtpstore.php", and l to "sla/index.php". Additionally, remote authenticated users can inject arbitrary web script or HTML via saved search filters.

Recommendations For versions prior to 2.5.0.2, update to firmware version 2.5.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LMI and limiting the use of the affected parameters, such as date1, userfilter, ping, action, and l, until the update is applied. Avoid using saved search filters in the LMI until the issue is resolved.