CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9508

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file within the web application that would execute each time a user browsed to the page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 3.5

References

https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance--software-downloads/
https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/
https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance--software-downloads/
https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/

Products affected by CVE-2019-9508

Vertiv » Avocent Umg-4000 » Version: N/A

cpe:2.3:h:vertiv:avocent_umg-4000:-
Vertiv » Avocent Umg-4000 Firmware » Version: 4.2.1.19

cpe:2.3:o:vertiv:avocent_umg-4000_firmware:4.2.1.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9508

Products

Pricing

Contact Us