Vulnerability Details CVE-2007-5472
Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/37998
- http://secunia.com/advisories/27301
- http://securitytracker.com/id?1018839
- http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
- http://www.securityfocus.com/archive/1/482536/100/0/threaded
- http://www.securityfocus.com/bid/26134
- http://www.vupen.com/english/advisories/2007/3547
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37285
- http://osvdb.org/37998
- http://secunia.com/advisories/27301
- http://securitytracker.com/id?1018839
- http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
- http://www.securityfocus.com/archive/1/482536/100/0/threaded
- http://www.securityfocus.com/bid/26134
- http://www.vupen.com/english/advisories/2007/3547
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37285
Products affected by CVE-2007-5472
-
cpe:2.3:a:broadcom:host-based_intrusion_prevention_system:-
-
cpe:2.3:a:broadcom:host-based_intrusion_prevention_system:8