CVE-2017-14383

EPSS 0.8%

In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary HTML code in the user's browser session in the context of the affected web application.

Produtos afetados

n/a · Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and Dell EMC VNX1 versions prior to Operating Environment for File 7.1.80.8

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://seclists.org/fulldisclosure/2017/Dec/87