Lucene search

MitreCVE-2002-1315

HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-1315

2002-11-2905:00:00

mitre

web.nvd.nist.gov

iplanet

webserver

xss

vulnerability

cve-2002-1315

admin server

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.5

Confidence

High

EPSS

0.786

Percentile

98.3%

JSON

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected configurations

Nvd

Node

iplanetiplanet_web_serverMatch4.1

iplanetiplanet_web_serverMatch4.1_sp1

iplanetiplanet_web_serverMatch4.1_sp2

iplanetiplanet_web_serverMatch4.1_sp3

iplanetiplanet_web_serverMatch4.1_sp4

iplanetiplanet_web_serverMatch4.1_sp5

iplanetiplanet_web_serverMatch4.1_sp6

iplanetiplanet_web_serverMatch4.1_sp7

iplanetiplanet_web_serverMatch4.1_sp8

iplanetiplanet_web_serverMatch4.1_sp9

iplanetiplanet_web_serverMatch4.1_sp10

iplanetiplanet_web_serverMatch4.1_sp11

VendorProductVersionCPE
iplanetiplanet_web_server4.1cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp1cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp2cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp3cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp4cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp5cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp6cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp7cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp8cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
iplanetiplanet_web_server4.1_sp9cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iplanet	iplanet_web_server	4.1	cpe:2.3:a:iplanet:iplanet_web_server:4.1:::::::*
iplanet	iplanet_web_server	4.1_sp1	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:::::::*
iplanet	iplanet_web_server	4.1_sp2	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:::::::*
iplanet	iplanet_web_server	4.1_sp3	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:::::::*
iplanet	iplanet_web_server	4.1_sp4	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:::::::*
iplanet	iplanet_web_server	4.1_sp5	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:::::::*
iplanet	iplanet_web_server	4.1_sp6	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:::::::*
iplanet	iplanet_web_server	4.1_sp7	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:::::::*
iplanet	iplanet_web_server	4.1_sp8	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:::::::*
iplanet	iplanet_web_server	4.1_sp9	cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:::::::*

Rows per page:

1-10 of 121

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0078.html

marc.info/?l=bugtraq&m=103772308030269&w=2

sunsolve.sun.com/search/document.do?assetkey=1-26-49475-1

www.iss.net/security_center/static/10692.php

www.ngsec.com/docs/advisories/NGSEC-2002-4.txt

www.securityfocus.com/bid/6202

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.5

Confidence

High

EPSS

0.786

Percentile

98.3%

JSON

Related for CVE-2002-1315