Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Xp P9000 Device Manager | <= 8.1.1 |
| Hp | Xp P9000 Replication Manager | <= 7.6.1 |
| Hp | Xp P9000 Tiered Storage Manager | <= 8.1.1 |
| Hp | Xp7 Global Link Manager Software | <= 8.1.1 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1031828
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0
- http://www.securitytracker.com/id/1031828
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0
FAQ
What is CVE-2014-7896?
CVE-2014-7896 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered ...
How severe is CVE-2014-7896?
CVE-2014-7896 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-7896?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Xp P9000 Device Manager, Hp Xp P9000 Replication Manager, Hp Xp P9000 Tiered Storage Manager, Hp Xp7 Global Link Manager Software.