CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3080

Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the key parameter to avctalert.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.101

EPSS Ranking 92.8%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-3080

Ibm » Global Console Manager 16 Firmware » Version: 1.18.0.22011

cpe:2.3:o:ibm:global_console_manager_16_firmware:1.18.0.22011
Ibm » Global Console Manager 16 Firmware » Version: 1.20.0.22575

cpe:2.3:o:ibm:global_console_manager_16_firmware:1.20.0.22575
Ibm » Global Console Manager 32 Firmware » Version: 1.18.0.22011

cpe:2.3:o:ibm:global_console_manager_32_firmware:1.18.0.22011
Ibm » Global Console Manager 32 Firmware » Version: 1.20.0.22575

cpe:2.3:o:ibm:global_console_manager_32_firmware:1.20.0.22575

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3080

Products

Pricing

Contact Us