CVE-2011-1102

Published Feb 25, 2011

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:7.00:*:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AA62EC6-45AA-48AE-95D8-DBF22112F06C"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.00:hotfix1:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B7D7F8F-FEB9-4A54-B0E2-7429340AE10B"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.10:hotfix1:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "276F4712-4299-403E-8BFB-69A2B337621F"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.10:hotfix2:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0B92F5B-E732-4C3A-BC8E-A5AE925B1C0D"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.11:hotfix1:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C99CA8D0-7B7C-4C0D-8F7E-014173C7211E"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.11:hotfix2:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F354CB8-BB4B-4F37-A27D-EFD01E25D226"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:9.00:hotfix1:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F6D26FE-DBBF-4A2A-B8B5-879511E934EE"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:9.00:hotfix2:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71B7F86F-B3E7-4102-B8C2-0C284A8880B6"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:9.00:hotfix3:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C411CA74-ADE6-4E70-806F-E402D48B1091"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.00:hotfix1:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91B68A1F-CAE9-4D45-AB3A-EA47A4E8B0B0"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.10:hotfix1:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B37FC682-78E0-4096-AF2E-6A2100EF4D7D"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:8.11:hotfix1:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C04248C-CFB6-47FB-A973-768981FA9A2C"
          },
          {
            "criteria": "cpe:2.3:a:f-secure:policy_manager:9.00:hotfix1:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203DC39B-6350-4653-A064-73304717EBCB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References