CVE-2017-12544

LOW

Description

A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

References

http://www.securityfocus.com/bid/101029

http://www.securitytracker.com/id/1039437

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us

Details

Source: MITRE

Published: 2018-02-15

Updated: 2018-03-02

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3.0

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.3

Severity: MEDIUM