Lucene search

MitreCVE-2009-1418

HistoryMay 19, 2009 - 7:30 p.m.

CVE-2009-1418

2009-05-1919:30:00

CWE-79

mitre

web.nvd.nist.gov

cve-2009-1418

cross-site scripting

xss

hp system management homepage

smh

remote attackers

web script

html

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.8%

JSON

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

hpsystem_management_homepageRange≤3.0.0-68

hpsystem_management_homepageMatch2.0.0

hpsystem_management_homepageMatch2.0.1

hpsystem_management_homepageMatch2.0.1.104

hpsystem_management_homepageMatch2.0.2

hpsystem_management_homepageMatch2.0.2.106

hpsystem_management_homepageMatch2.1

hpsystem_management_homepageMatch2.1.0-103

hpsystem_management_homepageMatch2.1.0-103\(a\)

hpsystem_management_homepageMatch2.1.0-109

hpsystem_management_homepageMatch2.1.0-118

hpsystem_management_homepageMatch2.1.0.121

hpsystem_management_homepageMatch2.1.1

hpsystem_management_homepageMatch2.1.2

hpsystem_management_homepageMatch2.1.2-127

hpsystem_management_homepageMatch2.1.2.127

hpsystem_management_homepageMatch2.1.3

hpsystem_management_homepageMatch2.1.3.132

hpsystem_management_homepageMatch2.1.4

hpsystem_management_homepageMatch2.1.4-143

hpsystem_management_homepageMatch2.1.4.143

hpsystem_management_homepageMatch2.1.5

hpsystem_management_homepageMatch2.1.5-146

hpsystem_management_homepageMatch2.1.5.146

hpsystem_management_homepageMatch2.1.5.146b

hpsystem_management_homepageMatch2.1.6

hpsystem_management_homepageMatch2.1.6-156

hpsystem_management_homepageMatch2.1.6.156

hpsystem_management_homepageMatch2.1.7

hpsystem_management_homepageMatch2.1.7-168

hpsystem_management_homepageMatch2.1.7.168

hpsystem_management_homepageMatch2.1.8

hpsystem_management_homepageMatch2.1.8-177

hpsystem_management_homepageMatch2.1.8.179

hpsystem_management_homepageMatch2.1.9

hpsystem_management_homepageMatch2.1.9-178

hpsystem_management_homepageMatch2.1.10

hpsystem_management_homepageMatch2.1.10-186

hpsystem_management_homepageMatch2.1.10.186

hpsystem_management_homepageMatch2.1.10.186b

hpsystem_management_homepageMatch2.1.10.186c

hpsystem_management_homepageMatch2.1.11

hpsystem_management_homepageMatch2.1.11-197

hpsystem_management_homepageMatch2.1.11.197a

hpsystem_management_homepageMatch2.1.12-118

hpsystem_management_homepageMatch2.1.12-200

hpsystem_management_homepageMatch2.1.12.201

hpsystem_management_homepageMatch2.1.14.20

hpsystem_management_homepageMatch2.1.15-210

hpsystem_management_homepageMatch2.1.15.210

hpsystem_management_homepageMatch2.2.6

hpsystem_management_homepageMatch2.2.8

hpsystem_management_homepageMatch3.0.0.64

VendorProductVersionCPE
hpsystem_management_homepage*cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.0cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.1cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.1.104cpe:2.3:a:hp:system_management_homepage:2.0.1.104:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.2cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
hpsystem_management_homepage2.0.2.106cpe:2.3:a:hp:system_management_homepage:2.0.2.106:*:*:*:*:*:*:*
hpsystem_management_homepage2.1cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-103cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-103(a)cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
hpsystem_management_homepage2.1.0-109cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	system_management_homepage	*	cpe:2.3:a:hp:system_management_homepage::::::::
hp	system_management_homepage	2.0.0	cpe:2.3:a:hp:system_management_homepage:2.0.0:::::::*
hp	system_management_homepage	2.0.1	cpe:2.3:a:hp:system_management_homepage:2.0.1:::::::*
hp	system_management_homepage	2.0.1.104	cpe:2.3:a:hp:system_management_homepage:2.0.1.104:::::::*
hp	system_management_homepage	2.0.2	cpe:2.3:a:hp:system_management_homepage:2.0.2:::::::*
hp	system_management_homepage	2.0.2.106	cpe:2.3:a:hp:system_management_homepage:2.0.2.106:::::::*
hp	system_management_homepage	2.1	cpe:2.3:a:hp:system_management_homepage:2.1:::::::*
hp	system_management_homepage	2.1.0-103	cpe:2.3:a:hp:system_management_homepage:2.1.0-103:::::::*
hp	system_management_homepage	2.1.0-103(a)	cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):::::::*
hp	system_management_homepage	2.1.0-109	cpe:2.3:a:hp:system_management_homepage:2.1.0-109:::::::*