CVE-2017-14352
MEDIUMHP UCMDB Configuration Manager 10.10-10.23 - Cross-Site Scripting
Title source: llmDescription
A potential security vulnerability has been identified in HP UCMDB Configuration Manager versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.23. These vulnerabilities could be remotely exploited to allow cross-site scripting.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://softwaresupport.hpe.com/km/KM02968622
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101154
Scores
CVSS v3
6.1
EPSS
0.0036
EPSS Percentile
58.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (6)
hp/ucmdb_configuration_manager
10.10
hp/ucmdb_configuration_manager
10.11
hp/ucmdb_configuration_manager
10.20
hp/ucmdb_configuration_manager
10.21
hp/ucmdb_configuration_manager
10.22
hp/ucmdb_configuration_manager
10.23
Published
Sep 30, 2017
Tracked Since
Feb 18, 2026