CVE-2019-3708

Published: 17/04/2019 Updated: 09/10/2019

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 9.6 | Impact Score: 6 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

IsilonSD Management Server 1.1.0 contains a cross-site scripting vulnerability while uploading an OVA file. A remote attacker can trick an admin user to potentially exploit this vulnerability to execute malicious HTML or JavaScript code in the context of the admin user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dell emc isilonsd management server 1.1.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dell EMC Product Taxonomy IsilonSD Management Server Role Security Advisory Technically Signed Off by Product Management John Harr Engineering Team Phillip Nordwall Program Management David Geijsbeek Service Product Lead (SDS) Jeremy Johnson DSA-2019-031: Dell EMC I ...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 DSA-2019-031: Dell EMC IsilonSD Management Server Cross-Site Scripting (XSS) Vulnerabilities Dell EMC Identifier: DSA-2019-031 CVE Identifier: CVE-2019-3708, CVE-2019-3709 Severity: High Severity Rating: Please refer to the Details section below of individual CVSS Scores for each CVE Affected p ...

CWE-79 https://seclists.org/fulldisclosure/2019/Apr/16 https://nvd.nist.gov http://seclists.org/fulldisclosure/2019/Apr/5

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-3708

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect