PT-2021-17059 · Hewlett Packard+2 · Hpe Icewall Sso Domain Gateway Option+3

Published

2021-04-15

Updated

2021-04-22

CVE-2021-26582

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 HPE IceWall SSO Domain Gateway Option (Dgfw) module version 11.0 on Windows

Description A security issue in the HPE IceWall SSO Domain Gateway Option (Dgfw) module could be exploited remotely to allow cross-site scripting (XSS).

Recommendations For version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, and version 10.0 on Windows, update to a version that includes a fix for this issue. For version 11.0 on Windows, update to a version that includes a fix for this issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-26582

Affected Products

Hp-Ux

Hpe Icewall Sso Domain Gateway Option

Rhel

Windows

PT-2021-17059 · Hewlett Packard+2 · Hpe Icewall Sso Domain Gateway Option+3

CVE-2021-26582

Weakness Enumeration

Related Identifiers

Affected Products

References · 3