Published: 31/10/2012 Updated: 02/11/2012

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface prior to 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote malicious users to inject arbitrary web script or HTML via the "Search for an IP address" field.

Vulnerable Product	Search on Vulmon	Subscribe to Product
solarwinds orion network performance monitor 10.2.1
solarwinds orion network performance monitor 10.2.2
solarwinds orion network performance monitor 10.3
solarwinds orion network performance monitor 10.3.1
solarwinds orion network performance monitor 10.0
solarwinds orion network performance monitor 10.1.13.0
solarwinds ip address manager web interface
solarwinds orion network performance monitor 10.1
solarwinds orion network performance monitor 10.2
solarwinds orion network performance monitor -

source: wwwsecurityfocuscom/bid/56342/info SolarWinds Orion IP Address Manager (IPAM) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input An attacker can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site T ...

CWE-79 http://www.kb.cert.org/vuls/id/203844 https://nvd.nist.gov https://www.exploit-db.com/exploits/37995/https://www.kb.cert.org/vuls/id/203844

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-4939

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect