CVE-2008-4119: XSS
First published: Sat Sep 27 2008(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CA CMDB | =11.0 | |
| CA CMDB | =11.1 | |
| CA CMDB | =11.2 | |
| Broadcom Service Desk | =11.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://community.ca.com/blogs/casecurityresponseblog/archive/2008/09/25.aspx
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=186585
- http://www.securityfocus.com/bid/31412
- http://secunia.com/advisories/32038
- http://securityreason.com/securityalert/4318
- http://www.vupen.com/english/advisories/2008/2673
- http://www.securitytracker.com/id?1020949
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45416
- http://www.securityfocus.com/archive/1/496755/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-4119?
CVE-2008-4119 is classified with a moderate severity due to its potential to allow cross-site scripting attacks.
How do I fix CVE-2008-4119?
To mitigate CVE-2008-4119, update your CA Service Desk and CMDB software to versions that have patched this vulnerability.
What systems are affected by CVE-2008-4119?
CVE-2008-4119 affects CA Service Desk versions 11.2 and CA CMDB versions 11.0 to 11.2.
What type of vulnerability is CVE-2008-4119?
CVE-2008-4119 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject malicious scripts.
Can CVE-2008-4119 impact user data?
Yes, CVE-2008-4119 can impact user data by potentially allowing attackers to execute malicious scripts using unsuspecting users' sessions.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/ca cmdb
- version/ca cmdb/11.0
- version/ca cmdb/11.1
- version/ca cmdb/11.2
- vendor/broadcom
- canonical/broadcom service desk
- version/broadcom service desk/11.2