CVE-2020-17457

Name of the Vulnerable Software and Affected Versions: Fujitsu ServerView Suite iRMC versions prior to 9.62F

Description: The issue allows an authenticated attacker to store an XSS payload in the PSCU FILE INIT field of a Save Configuration XML document. The payload is triggered in the HTTP error response pages. This can be exploited by an attacker to execute malicious scripts.

Recommendations: For versions prior to 9.62F, update to version 9.62F or later to resolve the issue. As a temporary workaround, consider restricting access to the Save Configuration XML document and the PSCU FILE INIT field to minimize the risk of exploitation.