CVE-2005-0641

Published Mar 2, 2005

Last updated 4 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "358E054A-2298-486B-88A4-44AB6864904E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References