CVE-2021-26582

6.1MEDIUM

Key Information:

Vendor: HP
Status: Icewall Sso Dgfw
Vendor: CVE Published:; 15 April 2021

Summary

A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).

Affected Version(s)

IceWall SSO Dgfw IceWall SSO Dgfw 10.0 (RHEL, HP-UX, Windows) and IceWall SSO Dgfw 11.0 (Windows)

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 15, 2021
Vulnerability Reserved
Feb 2, 2021