Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3320

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-3320
Last Modified 17 Nov 2011 12:00:00
Published 02 Nov 2011 01:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3320

Summary

Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Vulnerable Systems

Application

  • Intelligent Platforms Proficy Historian 3.1

  • Intelligent Platforms Proficy Historian 3.5

  • Intelligent Platforms Proficy Historian 4.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-02.pdf

BID - 50473


Last Updated: 27 May 2016 10:57:15