Vulnerability Data

by Reconmap

CVE-2014-2640

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published at
2014-10-02T00:55Z
3356 days ago
Modified
2019-10-09T23:10Z
1522 days ago
CWE-79
Problem type

GET https://vulnerabilitydata.com/api/details/CVE-2014-2640

{
	"id": "CVE-2014-2640",
	"published_date": "2014-10-02T00:55Z",
	"last_modified_date": "2019-10-09T23:10Z",
	"assigner": "hp-security-alert@hp.com",
	"description": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
	"references": [
		{
			"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04463322",
			"name": "SSRT101438",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://www.kb.cert.org/vuls/id/125228",
			"name": "VU#125228",
			"refsource": "CERT-VN",
			"tags": [
				"Third Party Advisory",
				"US Government Resource"
			]
		},
		{
			"url": "http://www.securitytracker.com/id/1030960",
			"name": "1030960",
			"refsource": "SECTRACK",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
				"accessVector": "NETWORK",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "NONE",
				"integrityImpact": "PARTIAL",
				"availabilityImpact": "NONE",
				"baseScore": 4.3
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 8.6,
			"impactScore": 2.9,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": true
		}
	},
	"problem_type": "CWE-79"
}