CVE-2012-4344
Summary
| CVE | CVE-2012-4344 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-08-15 22:55:00 UTC |
| Updated | 2017-08-29 01:32:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in Ipswitch WhatsUp Gold 15.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the SNMP system name of the attacking host. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ipswitch | Whatsup Gold | 15.02 | All | All | All |
| Application | Ipswitch | Whatsup Gold | 15.02 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE | EXPLOIT-DB | www.exploit-db.com | Exploit |
| US-CERT Vulnerability Note VU#777007 - Ipswitch WhatsUp Gold 15.02 contains SQL injection and XSS vulnerabilities | CERT-VN | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.