CVE-2018-7075 — Cross-site Scripting in Packard Enterprise HPE Intelligent Management Center

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.5%

top 36.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Hewlett Packard Enterprise HPE Intelligent Management Center HP Intelligent Management Center

Timeline

PublishedAug 6

Latest updateMay 14

Description

A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶NVDhp/intelligent_management_center7.3

▶CVEListV5hewlett_packard_enterprise/hpe_intelligent_management_centerv7.3 (E0506)

🔴Vulnerability Details

GHSA

GHSA-jghm-h6jr-7r5q: A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7↗2022-05-14

▶

CVEList

CVE-2018-7075: A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7↗2018-08-06

▶