CVE-2012-2172

Currently unrated

Key Information:

Vendor: IBM
Status: Ds Storage Manager Host Software; Ds4100; Ds4200; Ds4300
Vendor: CVE Published:; 22 June 2012

Summary

Cross-site scripting (XSS) vulnerability in SoftwareRegistration.do in the Storage Manager Profiler in IBM System Storage DS Storage Manager before 10.83.xx.18 on DS Series devices allows remote attackers to inject arbitrary web script or HTML via the updateRegn parameter.

References

http://www.zeroscience.mk/codes/ibmssdssmp_sqlixss.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/75239

vdb-entryx_refsource_XF

http://www.ibm.com/connections/blogs/PSIRT/entry/secbulle...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 22, 2012
Vulnerability Reserved
Apr 4, 2012