CVE-2014-5360
Summary
| CVE | CVE-2014-5360 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2015-02-03 16:59:00 UTC |
|---|
| Updated | 2016-04-07 13:40:00 UTC |
|---|
| Description | Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite before 9.6 SP1 allows remote attackers to inject arbitrary web script or HTML via the AMTVersion parameter to remote/serverlist_grouptree.aspx. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Full Disclosure: CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability |
FULLDISC |
seclists.org |
Exploit |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|
| LANDESK | 2016-04-07 | LANDESK | The vulnerability described in CVE-2014-5360 was fixed in Landesk Management Suit (LDMS) version: 9.5 SP3, 9.6 SP1, 10.0. LDMS Customers are encouraged to upgrade to the listed versions or newer |
There are currently no legacy QID mappings associated with this CVE.
