CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
79.4%
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
Vendor | Product | Version | CPE |
---|---|---|---|
hitachi | cosminexus_application_server_enterprise | * | cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:* |
hitachi | cosminexus_application_server_standard | * | cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:* |
hitachi | cosminexus_developer_light_version_6 | * | cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:* |
hitachi | cosminexus_developer_professional_version_6 | * | cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:* |
hitachi | cosminexus_developer_standard_version_6 | * | cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:* |
hitachi | cosminexus_server | * | cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:* |
hitachi | ucosminexus_application_server_enterprise | * | cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:* |
hitachi | ucosminexus_application_server_standard | * | cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:* |
hitachi | ucosminexus_developer_light | * | cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:* |
hitachi | ucosminexus_developer_professional | * | cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:* |