CVE-2015-2420

Currently unrated

Key Information:

Vendor
Microsoft
Status
System Center Operations Manager
Vendor
CVE Published:
15 August 2015

Summary

Cross-site scripting (XSS) vulnerability in Microsoft System Center 2012 Operations Manager Gold before Rollup 8, SP1 before Rollup 10, and R2 before Rollup 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "System Center Operations Manager Web Console XSS Vulnerability."

References

http://www.securitytracker.com/id/1033245
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.