CVE-2010-4111

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2010-4111
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://marc.info/?l=bugtraq&m=129245189832672&w=2 Vendor Advisory
http://www.securitytracker.com/id?1024897
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:hp:insight_diagnostics:8.3.0.3320:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.2.5.3157:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.9.0.2359:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.8.0.2257:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.0.0.1198:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:6.3.1.887:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.4.0.3521:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.0.0.2587:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.9.1.2401:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.4.0.1570:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.5.5.1681:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.1.2784:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.2.0.3058:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.6.0.1984:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.5.2890:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.7.0.2112:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.0.1.1219:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:6.3.0.878:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.0.2718:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.5.0.1679:*:online:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:hp:insight_diagnostics:8.3.0-14:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.5-311:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.7.0-142:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.6.0-23:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:6.3.0-15:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:*:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.4.0-18:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.3.1-105:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.9.0-105:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.8.0-159:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.0.0-30:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.0.1-8:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.4.0-11:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.9.1-15:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.1-206:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.1.0-136:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:6.3.1-1:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.5.0-14:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:8.0.0-210:*:online:*:*:*:*:*
cpe:2.3:a:hp:insight_diagnostics:7.5.5-1:*:online:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Information

Published : 2010-12-22 13:00

Updated : 2011-01-10 22:45

NVD link : CVE-2010-4111

Mitre link : CVE-2010-4111

JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa
Products Affected

linux

  • linux_kernel

microsoft

  • windows

hp

  • insight_diagnostics