CVE-2010-3994

Published Oct 28, 2010

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: hp-security-alert@hp.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:hp:version_control_repository_manager:6.0:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9D526A3-50C2-4FC9-9240-D4F7967D2696"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC8A980D-96D1-4102-82B0-BF78E44E4AF0",
            "versionEndIncluding": "6.1.2"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.1288.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE90AE6B-B24F-4ED5-B250-99D0FBDC614F"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.2241.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC809779-02E2-4B6D-9BD7-1EBDF01A9FF1"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.2289.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC572579-7F8D-461D-9B65-64CCF9A38866"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.2345.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB54F762-0EC6-40AE-BE99-FB9A2D77D869"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.3085.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCE7ADA0-53BF-4B3E-8795-9E51184750DA"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:1.0.3086.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C42BFA60-E55F-43C8-86DE-B31F250BF0F3"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:2.0.0.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BFC2FA5-8FD0-45EE-A208-ADEEC2A99987"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:2.0.1.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE0C4700-DE31-41B8-87A3-62049FBC7D6E"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:2.1.1.710:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0952EB7-949C-4046-95C1-F08AC4834435"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:2.1.1.720:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746962E9-9C88-41A0-92CC-1C4B72DB2140"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB19FF29-B775-4B6C-8144-27C4C818B0CC"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E25844F5-8F8F-42AB-8C55-0709E88F4E81"
          },
          {
            "criteria": "cpe:2.3:a:hp:version_control_repository_manager:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0EE1CB9-023B-4047-AA0F-1E434B173790"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References