CVE-2010-4111 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N
hp	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 63%

Vendor	Product	Version
hp	insight_diagnostics	𝑥 ≤ 8.5.0.3625
hp	insight_diagnostics	6.3.0.878
hp	insight_diagnostics	6.3.1.887
hp	insight_diagnostics	7.0.0.1198
hp	insight_diagnostics	7.0.1.1219
hp	insight_diagnostics	7.4.0.1570
hp	insight_diagnostics	7.5.0.1679
hp	insight_diagnostics	7.5.5.1681
hp	insight_diagnostics	7.6.0.1984
hp	insight_diagnostics	7.7.0.2112
hp	insight_diagnostics	7.8.0.2257
hp	insight_diagnostics	7.9.0.2359
hp	insight_diagnostics	7.9.1.2401
hp	insight_diagnostics	8.0.0.2587
hp	insight_diagnostics	8.1.0.2718
hp	insight_diagnostics	8.1.1.2784
hp	insight_diagnostics	8.1.5.2890
hp	insight_diagnostics	8.2.0.3058
hp	insight_diagnostics	8.2.5.3157
hp	insight_diagnostics	8.3.0.3320
hp	insight_diagnostics	8.4.0.3521
hp	insight_diagnostics	𝑥 ≤ 8.5.0-11
hp	insight_diagnostics	6.3.0-15
hp	insight_diagnostics	6.3.1-1
hp	insight_diagnostics	7.0.0-30
hp	insight_diagnostics	7.0.1-8
hp	insight_diagnostics	7.4.0-11
hp	insight_diagnostics	7.5.0-14
hp	insight_diagnostics	7.5.5-1
hp	insight_diagnostics	7.6.0-23
hp	insight_diagnostics	7.7.0-142
hp	insight_diagnostics	7.8.0-159
hp	insight_diagnostics	7.9.0-105
hp	insight_diagnostics	7.9.1-15
hp	insight_diagnostics	8.0.0-210
hp	insight_diagnostics	8.1.0-136
hp	insight_diagnostics	8.1.1-206
hp	insight_diagnostics	8.1.5-311
hp	insight_diagnostics	8.3.0-14
hp	insight_diagnostics	8.3.1-105
hp	insight_diagnostics	8.4.0-18

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://marc.info/?l=bugtraq&m=129245189832672&w=2

http://marc.info/?l=bugtraq&m=129245189832672&w=2

http://www.securitytracker.com/id?1024897

http://marc.info/?l=bugtraq&m=129245189832672&w=2

http://marc.info/?l=bugtraq&m=129245189832672&w=2

http://www.securitytracker.com/id?1024897