fkie_cve-2010-4111
Vulnerability from fkie_nvd
Published
2010-12-22 21:00
Modified
2024-11-21 01:20
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*",
"matchCriteriaId": "840DC08F-DBDD-423D-AACE-1F201025969E",
"versionEndIncluding": "8.5.0.3625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:6.3.0.878:*:online:*:*:*:*:*",
"matchCriteriaId": "008AF936-70AF-4AD7-962D-22B59F2D4FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:6.3.1.887:*:online:*:*:*:*:*",
"matchCriteriaId": "C4705800-60BC-4F6A-B3A3-C8DB0C4938CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.0.0.1198:*:online:*:*:*:*:*",
"matchCriteriaId": "D61B097E-EE9F-457D-AECC-75F4D96645AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.0.1.1219:*:online:*:*:*:*:*",
"matchCriteriaId": "48373FEA-5A79-4C80-8F71-BF854467D5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:*:online:*:*:*:*:*",
"matchCriteriaId": "2650D1E8-CA36-4237-8A53-1E0AC015AAD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.5.0.1679:*:online:*:*:*:*:*",
"matchCriteriaId": "A3B28649-2348-4E78-89D0-3C7712422B0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.5.5.1681:*:online:*:*:*:*:*",
"matchCriteriaId": "22D19F51-B757-4F69-9796-E7E32E71A6AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.6.0.1984:*:online:*:*:*:*:*",
"matchCriteriaId": "5D4B4A33-1BF3-45D7-B394-27670710B072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.7.0.2112:*:online:*:*:*:*:*",
"matchCriteriaId": "C99437E8-6685-4D22-93AD-1CB8D280FA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.8.0.2257:*:online:*:*:*:*:*",
"matchCriteriaId": "FB1741DB-74A4-4D3F-B600-D311A8C90503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.9.0.2359:*:online:*:*:*:*:*",
"matchCriteriaId": "4C0920BB-52F1-411E-9F75-5654AF319747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.9.1.2401:*:online:*:*:*:*:*",
"matchCriteriaId": "109C20FF-3904-43D4-B85A-EBACB81DC87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.0.0.2587:*:online:*:*:*:*:*",
"matchCriteriaId": "E75B324B-F684-43E6-A934-9397899BD8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.0.2718:*:online:*:*:*:*:*",
"matchCriteriaId": "5CA5901D-6A92-4FA2-A022-304AC5B08638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.1.2784:*:online:*:*:*:*:*",
"matchCriteriaId": "FB224D14-A3A1-47BF-989F-7C0DFC1C7B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.5.2890:*:online:*:*:*:*:*",
"matchCriteriaId": "7C11502F-262C-46A4-8E69-3563FDA90C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.2.0.3058:*:online:*:*:*:*:*",
"matchCriteriaId": "41466918-A889-4DE3-9DBE-0B3D8F00265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.2.5.3157:*:online:*:*:*:*:*",
"matchCriteriaId": "D8DF56C8-75DE-488A-9E52-C32B3B3D2E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.3.0.3320:*:online:*:*:*:*:*",
"matchCriteriaId": "BFB36B66-D444-4208-9D92-BEF519A034F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.4.0.3521:*:online:*:*:*:*:*",
"matchCriteriaId": "8304267C-8389-42FF-B172-74C995953453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*",
"matchCriteriaId": "FB96BD5A-5304-40F1-A1B8-813EA22462E8",
"versionEndIncluding": "8.5.0-11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:6.3.0-15:*:online:*:*:*:*:*",
"matchCriteriaId": "664125FD-10C7-4EA1-8C68-9673F87D9623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:6.3.1-1:*:online:*:*:*:*:*",
"matchCriteriaId": "9344DE52-A0C5-4420-AEC1-D9BAEED72610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.0.0-30:*:online:*:*:*:*:*",
"matchCriteriaId": "FB40075E-3B36-4DB7-826F-DEB247234B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.0.1-8:*:online:*:*:*:*:*",
"matchCriteriaId": "9EC77E07-09B2-4804-A30D-3B2B3779EC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.4.0-11:*:online:*:*:*:*:*",
"matchCriteriaId": "F7BC0E2A-404E-4377-98E7-05961D7F65D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.5.0-14:*:online:*:*:*:*:*",
"matchCriteriaId": "790A1AA4-4386-4C68-881A-BC46787068AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.5.5-1:*:online:*:*:*:*:*",
"matchCriteriaId": "3D2F0B21-02FE-4CDD-917B-E71A2185FB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.6.0-23:*:online:*:*:*:*:*",
"matchCriteriaId": "0ED5B8CB-F4E9-462F-84F6-F42A6411119D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.7.0-142:*:online:*:*:*:*:*",
"matchCriteriaId": "E9B8C2A0-43CC-4D70-AC53-945A52DF9F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.8.0-159:*:online:*:*:*:*:*",
"matchCriteriaId": "4C965B94-D725-4697-A879-A789A2621E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.9.0-105:*:online:*:*:*:*:*",
"matchCriteriaId": "B5EEF9F4-945B-41AC-926E-33D086E03B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:7.9.1-15:*:online:*:*:*:*:*",
"matchCriteriaId": "D72A858F-47A0-40D5-9A67-0F7417016B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.0.0-210:*:online:*:*:*:*:*",
"matchCriteriaId": "77079190-D4D6-4938-AB15-8263C134D1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.0-136:*:online:*:*:*:*:*",
"matchCriteriaId": "EB72A9B5-D2D7-466F-8FEA-F87160238174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.1-206:*:online:*:*:*:*:*",
"matchCriteriaId": "262415F1-D2BA-401B-8D55-5C8DCBF57DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.1.5-311:*:online:*:*:*:*:*",
"matchCriteriaId": "67FA5785-AD17-4CEA-B0F4-A0D142C47F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.3.0-14:*:online:*:*:*:*:*",
"matchCriteriaId": "0C04A5ED-4E51-4698-B88C-65263CD1D32B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.3.1-105:*:online:*:*:*:*:*",
"matchCriteriaId": "49C4E5AD-F465-4FCC-B7CE-7E4F7A3F44B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:insight_diagnostics:8.4.0-18:*:online:*:*:*:*:*",
"matchCriteriaId": "6E2BF320-05D5-47B1-9B86-F31BD312FC19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en HP Insight Diagnostics Online Edition anterior v8.5.1.3712 permite a atacantes remotos inyectar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados. \r\n\r\n\r\n"
}
],
"id": "CVE-2010-4111",
"lastModified": "2024-11-21T01:20:16.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-22T21:00:18.207",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129245189832672\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129245189832672\u0026w=2"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id?1024897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129245189832672\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=129245189832672\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024897"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.