Back to search
CVE-2016-8232
Published: Mar 1, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.
| Vendor | Product | Versions |
|---|---|---|
n/a | Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z | affected Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 Earlier than 66Z |
References
https://support.lenovo.com/us/en/product_security/LEN-5700
x_refsource_CONFIRM
lenovo-cve20168232-xss(121443)
vdb-entry
x_refsource_XF
95839
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now