First published: Mon Oct 06 2014(Updated: )
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Credit: hp-security-alert@hp.com
Affected Software | Affected Version | How to fix |
---|---|---|
HP Systems Insight Manager | <=7.3 | |
HP Systems Insight Manager | =7.0 | |
HP Systems Insight Manager | =7.1 | |
HP Systems Insight Manager | =7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-2644 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
To mitigate CVE-2014-2644, upgrade HP Systems Insight Manager to version 7.4 or later.
CVE-2014-2644 allows remote attackers to perform cross-site scripting (XSS) attacks, injecting arbitrary web scripts or HTML.
CVE-2014-2644 affects HP Systems Insight Manager versions 7.0 to 7.3 inclusive.
The exact vectors for exploitation of CVE-2014-2644 are currently unknown, allowing for arbitrary code injection.