Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.804775 |
Categoría: | Web application abuses |
Título: | IBM Global Console Manager Switches Multiple XSS Vulnerabilities |
Resumen: | IBM Global Console Manager switches are prone to multiple; cross-site scripting (XSS) vulnerabilities. |
Descripción: | Summary: IBM Global Console Manager switches are prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: The flaw is due to improper sanitization of user-supplied input passed via 'query' parameter to kvm.cgi and 'key' parameter to the avctalert.php script. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Affected Software/OS: IBM GCM16 and GCM32 Global Console Manager switches with firmware versions before 1.20.20.23447. Solution: Update to firmware version 1.20.20.23447 or later. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C |
Referencia Cruzada: |
BugTraq ID: 68777 BugTraq ID: 68779 BugTraq ID: 68939 Common Vulnerability Exposure (CVE) ID: CVE-2014-3080 http://www.securityfocus.com/bid/68777 http://www.exploit-db.com/exploits/34132/ http://seclists.org/fulldisclosure/2014/Jul/113 http://packetstormsecurity.com/files/127543/IBM-1754-GCM-KVM-Code-Execution-File-Read-XSS.html XForce ISS Database: ibm-gcm-cve20143080-xss(93929) https://exchange.xforce.ibmcloud.com/vulnerabilities/93929 Common Vulnerability Exposure (CVE) ID: CVE-2014-3081 XForce ISS Database: ibm-gcm-cve20143081-file-read(93930) https://exchange.xforce.ibmcloud.com/vulnerabilities/93930 Common Vulnerability Exposure (CVE) ID: CVE-2014-3085 XForce ISS Database: ibm-gcm-cve20143085-rce(94091) https://exchange.xforce.ibmcloud.com/vulnerabilities/94091 |
Copyright | Copyright (C) 2014 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |