Vulnerability Details CVE-2012-4939
Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.4%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2012-4939
-
cpe:2.3:a:solarwinds:ip_address_manager_web_interface:3.0
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:-
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.0
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.1
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.1.13.0
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.2
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.2.1
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.2.2
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.3
-
cpe:2.3:a:solarwinds:orion_network_performance_monitor:10.3.1