CVE-2017-4929

6.1MEDIUM

Key Information:

Vendor: Vmware
Status: Nsx Edge
Vendor: CVE Published:; 17 November 2017

Summary

VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure.

Affected Version(s)

NSX Edge 6.2.x before 6.2.9

NSX Edge 6.3.x before 6.3.5

References

https://www.vmware.com/security/advisories/VMSA-2017-0019...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101891

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1039837

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 17, 2017
Vulnerability Reserved
Dec 26, 2016