Vulnerability Description
Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aruba | Mobility Controller | <= 2.4.8.6-fips |
References
- http://osvdb.org/36469
- http://secunia.com/advisories/26192PatchVendor Advisory
- http://www.arubanetworks.com/support/alerts/aid-070907b.asc
- http://www.kb.cert.org/vuls/id/680449US Government Resource
- http://www.securityfocus.com/bid/25059
- http://www.securitytracker.com/id?1018457
- http://www.vupen.com/english/advisories/2007/2646
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35605
- http://osvdb.org/36469
- http://secunia.com/advisories/26192PatchVendor Advisory
- http://www.arubanetworks.com/support/alerts/aid-070907b.asc
- http://www.kb.cert.org/vuls/id/680449US Government Resource
- http://www.securityfocus.com/bid/25059
- http://www.securitytracker.com/id?1018457
- http://www.vupen.com/english/advisories/2007/2646
FAQ
What is CVE-2007-4023?
CVE-2007-4023 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbit...
How severe is CVE-2007-4023?
CVE-2007-4023 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4023?
Check the references section above for vendor advisories and patch information. Affected products include: Aruba Mobility Controller.