Cross-Site Scripting Vulnerability in HP Operations Agent from HP
CVE-2014-2647

Currently unrated

Key Information:

Vendor: HP
Status: Operations Agent
Vendor: CVE Published:; 19 October 2014

What is CVE-2014-2647?

A cross-site scripting vulnerability exists in HP Operations Agent, part of HP Operations Manager, which could allow remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw can be exploited to compromise the integrity and confidentiality of the user interface, potentially leading to unauthorized actions performed on behalf of unsuspecting users.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.exploit-db.com/exploits/35076

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2014
Vulnerability Reserved
Mar 24, 2014