Vulnerability Details CVE-2017-14354
A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/101254
- https://softwaresupport.hpe.com/km/KM02977984
- https://www.auscert.org.au/bulletins/53150
- https://www.tenable.com/security/research/tra-2017-32
- http://www.securityfocus.com/bid/101254
- https://softwaresupport.hpe.com/km/KM02977984
- https://www.auscert.org.au/bulletins/53150
- https://www.tenable.com/security/research/tra-2017-32
Products affected by CVE-2017-14354
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.10
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.11
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.20
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.21
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.22
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.30
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.31
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.32
-
cpe:2.3:a:hp:ucmdb_foundation_software:10.33