PT-2019-17641 · Hewlett Packard · Hp2910Al-48G
Published
2019-08-01
·
Updated
2019-08-08
·
CVE-2019-5401
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
HP2910al-48G version W.15.14.0016
Description
A potential security issue has been identified, which exploits an XSS injection by setting the attack vector in one of the switch's persistent configuration fields, such as management URL, location, or contact. However, admin privileges are required to configure these fields, reducing the likelihood of exploitation.
Recommendations
For HP2910al-48G version W.15.14.0016, update to W.15.14.0017 to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp2910Al-48G