CVE-2010-3010
Last modified
CVE-2010-3010 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.. EPSS estimates a 1.46% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hp | 3com Officeconnect Gigabit Vpn Firewall Software | <= 1.0.12 |
| Hp | 3com Officeconnect Gigabit Vpn Firewall Software | 1.0.8 |
| Hp | 3crevf100-73 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-3010?
How severe is CVE-2010-3010?
How do I fix CVE-2010-3010?
Are you affected by CVE-2010-3010?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST