Overview
- Description
- A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635.
- Source
- security-alert@hpe.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.8
- Impact score
- 2.7
- Exploitability score
- 1.7
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:flexnetwork_5130_ei_firmware:7.10.r3507p02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54654BA2-53DE-4CA9-8B59-3732ADB75663"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:flexnetwork_5130_ei:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "40CC9302-1EDD-4348-A341-4BEB6A0D6AFD"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hpe:flexfabric_5945_firmware:7.10.r6635:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C961B785-2163-456B-9367-50EED04B8627"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hpe:flexfabric_5945:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D1FE27AB-09AB-4287-9CFE-C490200454F5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]