CVE-2010-2654
Published Jul 8, 2010
Last updated 14 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allow remote attackers to inject arbitrary web script or HTML via the (1) INDEX or (2) IPADDR parameter to private/cindefn.php, (3) the domain parameter to private/power_management_policy_options.php, the slot parameter to (4) private/pm_temp.php or (5) private/power_module.php, (6) the WEBINDEX parameter to private/blade_leds.php, or (7) the SLOT parameter to private/ipmi_bladestatus.php.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:*:l:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC52F58A-CC17-48B4-ABB1-7470AE5FFBDE",
"versionEndIncluding": "2.48"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:*:g:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65D8F61D-3A9B-4851-A59E-B7594DFDE9A8",
"versionEndIncluding": "3.54"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "478D3D8F-338F-494A-A3FF-5B1007DD90CF"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF211E79-BC73-4D6A-8153-19AEE82345D4"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "231325FC-D582-41B6-8CF4-07FEE414D19B"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.20:f:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2F265EA-4CDD-4B6F-9212-74D395F6034A"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A01662B-8A72-4011-AA27-5A12C6B56FDA"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:e:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DFF42E1-162B-46EA-BDB6-E3452201550A"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:i:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBFF96E9-59AB-40D8-A531-7FB36A4B1E84"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EACAF1A3-EADC-4E15-AE0C-76F6E1FE5219"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:e:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E5AA726-67C7-43EF-AB4C-DC9EC2AB39A5"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:h:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B967754-11D2-4903-AB8E-6608FD0FD836"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:i:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F293BB5-4169-49EC-8DF4-3F0575F7F4D3"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:k:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "178B4552-5FE7-439F-86C4-5123F23F4117"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.28:g:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F58BC7F2-438E-4681-9741-7A8DC581DE3B"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.32:d:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86CF34AF-A48D-4CE0-9144-5209A16C9C86"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.34:b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A555F94B-2D23-4ED6-947C-CBEC1A2768C1"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.34:e:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEC68099-D84F-4516-8D6A-3580F49DF4B0"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:d:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "304A13AA-E04B-43B6-84DD-3235170F5C55"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:g:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F26C2C6D-D2E1-42D6-A700-53AD1D3A3876"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:h:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F61FF30-2B40-44A3-8257-69E92EC0DE23"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:k:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF1B6195-649E-4577-99F3-B04C0B762FF4"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:d:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "377C2D86-620B-4BC8-A118-9B52EBC609D5"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:f:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9BB015A-30D6-4942-BAC6-DD96E151B8CA"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:i:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B916267-C840-48C5-B3DC-73BCDA9C91C8"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:n:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D979D22-C158-41DE-8AFA-EF3C040B1F58"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:o:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66B0F30E-1E3F-4BD4-BE24-0A26C4CA56E1"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:t:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C927655-9D61-4921-AA51-27E7D6A2007C"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.46:c:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1ED4EBB8-760C-4DA6-8404-3BB104D08656"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.46:j:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C65476D1-5104-4DE1-B0DF-FBD811F74ACB"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:c:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2F8CD93-5278-43F6-87E0-0FED8ACD330A"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:d:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6460DE58-67FA-44AE-B20F-A60BAC07F516"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:g:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54EAE737-288C-4F0E-A510-44C8B4B94E70"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:n:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D29A5D9C-E5F7-4228-A63F-82F2A55E242E"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:c:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA87A054-0FF2-407C-95C7-21CC7C98801C"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:g:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BDD8DB8-3B3B-4A10-BEF5-703D6DB7E874"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:k:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D10BE3E-7AB3-4F75-BB38-BB9EB5D27BC7"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:p:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2274C274-E094-4F01-9D81-B5FC1FAD3F8D"
},
{
"criteria": "cpe:2.3:h:ibm:advanced_management_module:3.54:d:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "542C8BC6-078E-4B06-8092-31F8BE90E382"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:bladecenter:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B8C9F62C-79C0-4079-824C-E076DA20CE2F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]