Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6054


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6054
Last Modified 15 Nov 2008 02:03:10
Published 20 Nov 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller and earlier, and and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable.

Vulnerable Systems


CERT-VN - VU#680449

BID - 26465

BUGTRAQ - 20071115 PR07-26: Persistent XSS on Aruba 800 Mobility Controller's login page

OSVDB - 45301


SREASON - 3380

Last Updated: 27 May 2016 10:46:22