CVE-2017-14354
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
05/10/2017
Last modified:
20/04/2025
Description
A remote cross-site scripting vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33 could be remotely exploited to allow cross-site scripting.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:hp:ucmdb_foundation_software:10.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.11:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.20:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.21:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.22:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.30:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.31:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.32:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:ucmdb_foundation_software:10.33:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/101254
- https://softwaresupport.hpe.com/km/KM02977984
- https://www.auscert.org.au/bulletins/53150
- https://www.tenable.com/security/research/tra-2017-32
- http://www.securityfocus.com/bid/101254
- https://softwaresupport.hpe.com/km/KM02977984
- https://www.auscert.org.au/bulletins/53150
- https://www.tenable.com/security/research/tra-2017-32