CVE-2016-8232
Last modified
CVE-2016-8232 is a vulnerability of currently unknown severity. Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.. EPSS estimates a 1.43% chance of exploitation in the next 30 days.
Description
Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Advanced Management Module Firmware | All versions |
References
- http://www.securityfocus.com/bid/95839Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/121443Third Party Advisory
- https://support.lenovo.com/us/en/product_security/LEN-5700Vendor Advisory
- http://www.securityfocus.com/bid/95839Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/121443Third Party Advisory
- https://support.lenovo.com/us/en/product_security/LEN-5700Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-8232?
How severe is CVE-2016-8232?
How do I fix CVE-2016-8232?
Are you affected by CVE-2016-8232?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST