Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3206

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-3206
Last Modified 20 Feb 2014 11:44:14
Published 07 Jan 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3206

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Redhat Jboss Operations Network 2.0.0

  • Redhat Jboss Operations Network 2.0.1

  • Redhat Jboss Operations Network 2.1.0

  • Redhat Jboss Operations Network 2.2

  • Redhat Jboss Operations Network 2.3

  • Redhat Jboss Operations Network 2.3.1

  • Redhat Jboss Operations Network 2.4

  • Redhat Jboss Operations Network 2.4.1

  • Rhq-project Rhq 4.2.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=734662

SECTRACK - 1026435

SECUNIA - 47280

SECUNIA - 47197

REDHAT - RHSA-2012:0089


Last Updated: 27 May 2016 10:57:18