| Title | 複数の Micro Focus 製品におけるクロスサイトスクリプティングの脆弱性 |
|---|---|
| Summary | Micro Focus Universal CMDB、CMS、および UCMDB Browser には、クロスサイトスクリプティングの脆弱性が存在します。 |
| Possible impacts | 情報を取得される、および情報を改ざんされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | May 23, 2018, midnight |
| Registration Date | July 12, 2018, 5:33 p.m. |
| Last Update | July 12, 2018, 5:33 p.m. |
| CVSS3.0 : 警告 | |
| Score | 5.4 |
|---|---|
| Vector | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| CVSS2.0 : 注意 | |
| Score | 3.5 |
|---|---|
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
| マイクロフォーカス株式会社 |
| Micro Focus CMS 4.10 |
| Micro Focus CMS 4.11 |
| Micro Focus CMS 4.12 |
| Micro Focus CMS 4.13 |
| Micro Focus CMS 4.14 |
| Micro Focus CMS 4.15.1 |
| Micro Focus UCMDB Browser 4.10 |
| Micro Focus UCMDB Browser 4.11 |
| Micro Focus UCMDB Browser 4.12 |
| Micro Focus UCMDB Browser 4.13 |
| Micro Focus UCMDB Browser 4.14 |
| Micro Focus UCMDB Browser 4.15.1 |
| Micro Focus Universal CMDB 10.20 |
| Micro Focus Universal CMDB 10.21 |
| Micro Focus Universal CMDB 10.22 |
| Micro Focus Universal CMDB 10.30 |
| Micro Focus Universal CMDB 10.31 |
| Micro Focus Universal CMDB 10.32 |
| Micro Focus Universal CMDB 10.33 |
| Micro Focus Universal CMDB 11.0 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2018年07月12日] 掲載 |
July 12, 2018, 5:33 p.m. |
| Summary | Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). |
|---|---|
| Publication Date | May 24, 2018, 3:29 a.m. |
| Registration Date | March 1, 2021, 7:35 p.m. |
| Last Update | Nov. 21, 2024, 1:10 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:microfocus:universal_cmdb:0.20:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.21:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.22:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.30:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.31:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.32:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:10.33:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb:11.0:*:*:*:*:*:*:* | |||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.10:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.11:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.12:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.13:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.14:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:universal_cmdb_browser:4.15.1:*:*:*:*:*:*:* | |||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:microfocus:cms_server:4.10:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:cms_server:4.11:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:cms_server:4.12:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:cms_server:4.13:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:cms_server:4.14:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:microfocus:cms_server:4.15.1:*:*:*:*:*:*:* | |||||