PT-2012-4632 · Ibm · Ibm Hardware Management Console
Published
2012-08-17
·
Updated
2017-08-29
·
CVE-2012-3296
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Power Hardware Management Console (HMC) versions 7R7.1.0 through 7R7.1.0 before SP4
IBM Power Hardware Management Console (HMC) versions 7R7.2.0 through 7R7.2.0 before SP2
IBM Power Hardware Management Console (HMC) version 7R7.3.0
Description
A cross-site scripting (XSS) issue exists in the Help link of the login panel, allowing remote attackers to inject arbitrary web script or HTML.
Recommendations
For versions 7R7.1.0 through 7R7.1.0 before SP4, apply SP4 to resolve the issue.
For versions 7R7.2.0 through 7R7.2.0 before SP2, apply SP2 to resolve the issue.
For version 7R7.3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Hardware Management Console