CVE-2011-4436

EUVD-2011-4365
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
dellkace_k2000_systems_deployment_appliance
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kace.com/support/kb/index.php?action=artikel&id=1120&artlang=en
http://www.kb.cert.org/vuls/id/193529
http://www.kace.com/support/kb/index.php?action=artikel&id=1120&artlang=en
http://www.kb.cert.org/vuls/id/193529