CVE-2017-14383
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary HTML code in the user's browser session in the context of the affected web application.
En Dell EMC en versiones VNX2 anteriores a Operating Environment for File 8.1.9.217 y VNX1 en versiones anteriores a Operating Environment for File 7.1.80.8, una página de error del servidor web en VNX Control Station se ve afectada por una vulnerabilidad Cross-Site Scripting (XSS) reflejado. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para ejecutar código HTML arbitrario en la sesión del buscador del usuario, en el contexto de la aplicación web afectada.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-12 CVE Reserved
- 2017-12-24 CVE Published
- 2023-11-14 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
http://seclists.org/fulldisclosure/2017/Dec/87 | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Emc Vnx2 Firmware Search vendor "Dell" for product "Emc Vnx2 Firmware" | < 8.1.9.217 Search vendor "Dell" for product "Emc Vnx2 Firmware" and version " < 8.1.9.217" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Vnx2 Search vendor "Dell" for product "Emc Vnx2" | - | - |
Safe
|
Dell Search vendor "Dell" | Emc Vnx1 Firmware Search vendor "Dell" for product "Emc Vnx1 Firmware" | < 7.1.80.8 Search vendor "Dell" for product "Emc Vnx1 Firmware" and version " < 7.1.80.8" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Vnx1 Search vendor "Dell" for product "Emc Vnx1" | - | - |
Safe
|