CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-7352

Stored Cross-site scripting (XSS) vulnerability in Pure Storage Purity 4.7.5 allows remote authenticated users to inject arbitrary web script or HTML via the "host" parameter on the 'System > Configuration > SNMP > Add SNMP Trap Manager' screen.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.2%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

http://arthrocyber.com/research#finding_3
http://arthrocyber.com/research#finding_3

Products affected by CVE-2017-7352

Purestorage » Purity » Version: 4.7.5

cpe:2.3:a:purestorage:purity:4.7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7352

Products

Pricing

Contact Us