CVE-2016-8232 Vulnerability Details

  /     /     /  

CVE-2016-8232 Metadata Quick Info

CVE Published: 01/03/2017 | CVE Updated: 06/08/2024 | CVE Year: 2016
Source: lenovo | Vendor: n/a | Product: Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z
Status : PUBLISHED

CVE-2016-8232 Description

Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM\'s IP address to send a crafted URL that could inject a malicious script to access a user\'s AMM data such as cookies or other session information.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: DOM-Based XSS
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2016-8232 Vulnerability Details