CVE-2017-14354

6.1MEDIUM

Key Information:

Vendor: HP
Status: Ucmdb Foundation Software
Vendor: CVE Published:; 5 October 2017

Summary

A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.

References

http://www.securityfocus.com/bid/101254

vdb-entryx_refsource_BID

https://www.tenable.com/security/research/tra-2017-32

x_refsource_MISC

https://softwaresupport.hpe.com/km/KM02977984

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 5, 2017
Vulnerability Reserved
Sep 12, 2017