CVE-2017-14383

Published: Jan 4, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary HTML code in the user's browser session in the context of the affected web application.

Vendor	Product	Versions
n/a	Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and Dell EMC VNX1 versions prior to Operating Environment for File 7.1.80.8	affected `Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and Dell EMC VNX1 versions prior to Operating Environment for File 7.1.80.8`

References

http://seclists.org/fulldisclosure/2017/Dec/87

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-14383

Description

Affected Products

References