CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-8232

Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.5%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2016-8232

Ibm » Advanced Management Module » Version: N/A

cpe:2.3:h:ibm:advanced_management_module:-
Ibm » Bladecenter » Version: hs22

cpe:2.3:h:ibm:bladecenter:hs22
Ibm » Bladecenter » Version: hs22v

cpe:2.3:h:ibm:bladecenter:hs22v
Ibm » Bladecenter » Version: hs23

cpe:2.3:h:ibm:bladecenter:hs23
Ibm » Bladecenter » Version: hs23e

cpe:2.3:h:ibm:bladecenter:hs23e
Ibm » Bladecenter » Version: hx5

cpe:2.3:h:ibm:bladecenter:hx5
Ibm » Advanced Management Module Firmware » Version: N/A

cpe:2.3:o:ibm:advanced_management_module_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-8232

Products

Pricing

Contact Us