Vulnerability Details CVE-2014-7896
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.securitytracker.com/id/1031828
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371
- http://www.securitytracker.com/id/1031828
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371
Products affected by CVE-2014-7896
-
cpe:2.3:a:hp:xp7_global_link_manager_software:8.1.1
-
cpe:2.3:a:hp:xp_p9000_device_manager:8.1.1
-
cpe:2.3:a:hp:xp_p9000_replication_manager:7.6.1
-
cpe:2.3:a:hp:xp_p9000_tiered_storage_manager:8.1.1