PT-2010-4716 · Hewlett Packard · Hp Assetmanager+1

Published

2010-10-21

Updated

2010-11-11

CVE-2010-3291

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions HP AssetCenter versions 5.0x through AC 5.03 HP AssetManager versions 5.1x through AM 5.12 HP AssetManager versions 5.2x through AM 5.22

Description The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.

Recommendations For HP AssetCenter versions 5.0x through AC 5.03, update to a version later than AC 5.03 to resolve the issue. For HP AssetManager versions 5.1x through AM 5.12, update to a version later than AM 5.12 to resolve the issue. For HP AssetManager versions 5.2x through AM 5.22, update to a version later than AM 5.22 to resolve the issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2010-3291

Affected Products

Hp Assetcenter

Hp Assetmanager

PT-2010-4716 · Hewlett Packard · Hp Assetmanager+1

CVE-2010-3291

Weakness Enumeration

Related Identifiers

Affected Products

References · 6