Lucene search

[email protected]CVE-2015-0513

HistoryJan 21, 2015 - 3:17 p.m.

CVE-2015-0513

2015-01-2115:17:11

CWE-79

[email protected]

web.nvd.nist.gov

cve-2015-0513

cross-site scripting

xss

emc m&r

vipr srm

security vulnerability

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafted values of unspecified fields.

Affected configurations

NVD

Node

emcwatch4netRange≤6.5

Node

emcvipr_srmRange≤3.6.0

CPENameOperatorVersion
emc:watch4netemc watch4netle6.5

CPE	Name	Operator	Version
emc:watch4net	emc watch4net	le	6.5

References

archives.neohapsis.com/archives/bugtraq/2015-01/0092.html

www.securityfocus.com/bid/72259

www.securitytracker.com/id/1031567

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.9%

JSON

Related for CVE-2015-0513

prion1 securityvulns5 nvd1 zdt3 packetstorm3 cvelist1 openvas1