CVE-2020-17457: XSS
First published: Wed Mar 17 2021(Updated: )
Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in the HTTP error response pages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fujitsu Serverview Remote Management | <9.62f |
Remedy
https://support.ts.fujitsu.com/IndexDownload.asp?Softwareguid=C67A44AE-B022-4150-8621-C4393C007ED9
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Fujitsu ServerView Suite iRMC XSS vulnerability?
The vulnerability ID is CVE-2020-17457.
What is the severity of CVE-2020-17457?
The severity of CVE-2020-17457 is medium with a severity value of 5.4.
How does CVE-2020-17457 impact Fujitsu ServerView Suite iRMC?
CVE-2020-17457 allows an authenticated attacker to store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document and trigger it in the HTTP error response pages.
Which software version is affected by CVE-2020-17457?
The Fujitsu ServerView Suite iRMC versions before 9.62F are affected by CVE-2020-17457.
Is there a fix available for CVE-2020-17457?
Yes, Fujitsu has released the fixed version 9.62F to address the CVE-2020-17457 vulnerability.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/type
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/fujitsu
- canonical/fujitsu serverview remote management