QwikSec

Security Database

CVE

CWE

Training

CVE-2014-0883

Published: Apr 20, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 91163.

Vendor	Product	Versions
IBM	Power HMC	affected `7.1.0 - <= 7.8.0` affected `7.3.5`

Weaknesses (CWE)

References

https://www.ibm.com/support/pages/security-bulletin-power-hardware-management-console-hmc-cve-2014-0883

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/91163

vdb-entry

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.