CVE-2010-2654

Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.exploit-db.com/exploits/14237/	Exploit
http://dsecrg.com/pages/vul/show.php?id=154	Exploit
http://www.securityfocus.com/bid/41383	Exploit
http://osvdb.org/66122
http://osvdb.org/66128
http://osvdb.org/66127
http://osvdb.org/66126
http://osvdb.org/66130
http://osvdb.org/66129
http://osvdb.org/66125

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:ibm:advanced_management_module:1.42:t::::::
	cpe:2.3:h:ibm:advanced_management_module:2.50:k::::::
	cpe:2.3:h:ibm:advanced_management_module:2.50:g::::::
	cpe:2.3:h:ibm:advanced_management_module:1.26:h::::::
	cpe:2.3:h:ibm:advanced_management_module:1.42:o::::::
	cpe:2.3:h:ibm:advanced_management_module:1.36:g::::::
	cpe:2.3:h:ibm:advanced_management_module:1.00:::::::*
	cpe:2.3:h:ibm:advanced_management_module:1.25:::::::*
	cpe:2.3:h:ibm:advanced_management_module:1.20:::::::*
	cpe:2.3:h:ibm:advanced_management_module:2.46:j::::::
	cpe:2.3:h:ibm:advanced_management_module:2.48:c::::::
	cpe:2.3:h:ibm:advanced_management_module:1.26:e::::::
	cpe:2.3:h:ibm:advanced_management_module:2.48:n::::::
	cpe:2.3:h:ibm:advanced_management_module:1.25:i::::::
	cpe:2.3:h:ibm:advanced_management_module:2.48:g::::::
	cpe:2.3:h:ibm:advanced_management_module:1.32:d::::::
	cpe:2.3:h:ibm:advanced_management_module:1.25:e::::::
	cpe:2.3:h:ibm:advanced_management_module:1.28:g::::::
	cpe:2.3:h:ibm:advanced_management_module:2.48:d::::::
	cpe:2.3:h:ibm:advanced_management_module:1.42:d::::::
	cpe:2.3:h:ibm:advanced_management_module:1.26:b::::::
	cpe:2.3:h:ibm:advanced_management_module:1.42:n::::::
	cpe:2.3:h:ibm:advanced_management_module:1.26:k::::::
	cpe:2.3:h:ibm:advanced_management_module:2.50:c::::::
	cpe:2.3:h:ibm:advanced_management_module:1.36:d::::::
	cpe:2.3:h:ibm:advanced_management_module:2.50:p::::::
	cpe:2.3:h:ibm:advanced_management_module:1.42:f::::::
	cpe:2.3:h:ibm:advanced_management_module:2.46:c::::::
	cpe:2.3:h:ibm:advanced_management_module:1.34:b::::::
	cpe:2.3:h:ibm:advanced_management_module:1.34:e::::::
	cpe:2.3:h:ibm:advanced_management_module::l::::::*
	cpe:2.3:h:ibm:advanced_management_module:3.54:d::::::
	cpe:2.3:h:ibm:advanced_management_module:1.42:i::::::
	cpe:2.3:h:ibm:advanced_management_module::g::::::*
	cpe:2.3:h:ibm:advanced_management_module:1.26:i::::::
	cpe:2.3:h:ibm:advanced_management_module:1.36:k::::::
	cpe:2.3:h:ibm:advanced_management_module:1.36:h::::::
	cpe:2.3:h:ibm:advanced_management_module:1.20:f::::::
	cpe:2.3:h:ibm:advanced_management_module:1.01:::::::*

cpe:2.3:h:ibm:bladecenter:*:*:*:*:*:*:*:*

Information

Published : 2010-07-08 05:54

Updated : 2010-07-19 22:48

NVD link : CVE-2010-2654

Mitre link : CVE-2010-2654

JSON object : View

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Products Affected

ibm

bladecenter
advanced_management_module

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.exploit-db.com/exploits/14237/", "name": "14237", "tags": ["Exploit"], "refsource": "EXPLOIT-DB"}, {"url": "http://dsecrg.com/pages/vul/show.php?id=154", "name": "http://dsecrg.com/pages/vul/show.php?id=154", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/41383", "name": "41383", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://osvdb.org/66122", "name": "66122", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66128", "name": "66128", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66127", "name": "66127", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66126", "name": "66126", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66130", "name": "66130", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66129", "name": "66129", "tags": [], "refsource": "OSVDB"}, {"url": "http://osvdb.org/66125", "name": "66125", "tags": [], "refsource": "OSVDB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-2654", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2010-07-08T12:54Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:t:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.50:k:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.50:g:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.26:h:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:o:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.36:g:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.46:j:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.48:c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.26:e:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.48:n:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.25:i:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.48:g:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.32:d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.25:e:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.28:g:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.48:d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.26:b:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:n:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.26:k:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.50:c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.36:d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.50:p:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:f:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:2.46:c:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.34:b:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.34:e:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:*:l:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.48"}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:3.54:d:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.42:i:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:*:g:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.54"}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.26:i:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.36:k:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.36:h:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.20:f:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:ibm:advanced_management_module:1.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:bladecenter:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2010-07-20T05:48Z"}

4.3 /10