1. Home
  2. CVE Database
  3. CVE-2007-3623
MEDIUM · 4.3

CVE-2007-3623

Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote att...

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
HitachiJp1-Hicommand Device Manager02_30
HitachiJp1-Hicommand Global Link Availability Manager05_00
HitachiJp1-Hicommand Replication Monitor04_00
HitachiJp1-Hicommand Tiered Storage Manager04_00

References

FAQ

What is CVE-2007-3623?

CVE-2007-3623 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote att...

How severe is CVE-2007-3623?

CVE-2007-3623 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3623?

Check the references section above for vendor advisories and patch information. Affected products include: Hitachi Jp1-Hicommand Device Manager, Hitachi Jp1-Hicommand Global Link Availability Manager, Hitachi Jp1-Hicommand Replication Monitor, Hitachi Jp1-Hicommand Tiered Storage Manager.