CVE-2012-0428

Published Dec 25, 2012

Last updated 4 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3976A24E-99EE-48D8-BA0E-CE8BC654B6C5"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CAC7ABE-A0E3-4B2D-8249-4794D7D21C35"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EF1D9B2-2528-4BA3-AD8D-7A5621044DF4"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "339ADB6C-7F61-455D-82ED-D14E88D01346"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5086C05D-8095-4CA9-983A-1E9D53485E30"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A6BBBCF-DCB3-4DC3-A1D2-DF8F2DE83A16"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DB620DF-38EA-4851-A589-192FFD7D1B23"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C70FFFF-161E-4A14-8F51-D734E0BF23D3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:edirectory:8.8.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F27E1A93-6999-4C2B-AE31-95C164C3CF1F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References