CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-8232

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile0.58th
Published2017年3月1日
Last Modified2026年5月13日

Vulnerability Description

Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.

Affected Platforms (CPE)

💻
Ibm

Advanced Management Module Firmware

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/95839
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/121443
🔗 https://support.lenovo.com/us/en/product_security/LEN-5700
🔗 http://www.securityfocus.com/bid/95839
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/121443
🔗 https://support.lenovo.com/us/en/product_security/LEN-5700

関連する脆弱性情報

CVE-2009-393510.0

Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx an...

CVE-2013-67186.4

The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to ...

CVE-2010-26565.0

The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5....

CVE-2014-08605.0

The firmware before 3.66E in IBM BladeCenter Advanced Management Module (AMM), the firmware before 1.43 in IBM Integrated Manageme...