{"api_version":"1","generated_at":"2026-04-23T02:34:04+00:00","cve":"CVE-2012-0414","urls":{"html":"https://cve.report/CVE-2012-0414","api":"https://cve.report/api/cve/CVE-2012-0414.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-0414","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-0414"},"summary":{"title":"CVE-2012-0414","description":"Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2013-12-02 04:36:00","updated_at":"2014-03-04 18:56:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html","name":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html","refsource":"CONFIRM","tags":[],"title":"HTTP 404 Page Not Found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://bugzilla.novell.com/show_bug.cgi?id=761165","name":"https://bugzilla.novell.com/show_bug.cgi?id=761165","refsource":"MISC","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.novell.com/security/cve/CVE-2012-0414.html","name":"https://support.novell.com/security/cve/CVE-2012-0414.html","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"CVE-2012-0414 | SUSE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-0414","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-0414","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"414","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"novell","cpe5":"suse_linux","cpe6":"11","cpe7":"sp1","cpe8":"desktop","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"414","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"novell","cpe5":"suse_linux","cpe6":"11","cpe7":"sp1","cpe8":"desktop","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"414","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"novell","cpe5":"suse_manager","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"414","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"novell","cpe5":"suse_manager","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2012-0414","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.novell.com/show_bug.cgi?id=761165","refsource":"MISC","url":"https://bugzilla.novell.com/show_bug.cgi?id=761165"},{"name":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html","refsource":"CONFIRM","url":"http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html"},{"name":"https://support.novell.com/security/cve/CVE-2012-0414.html","refsource":"CONFIRM","url":"https://support.novell.com/security/cve/CVE-2012-0414.html"}]}},"nvd":{"publishedDate":"2013-12-02 04:36:00","lastModifiedDate":"2014-03-04 18:56:00","problem_types":["CWE-79"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:novell:suse_manager:1.2:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:novell:suse_linux:11:sp1:desktop:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"414","Ordinal":"53057","Title":"CVE-2012-0414","CVE":"CVE-2012-0414","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"414","Ordinal":"1","NoteData":"Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name.","Type":"Description","Title":null},{"CveYear":"2012","CveId":"414","Ordinal":"2","NoteData":"2013-12-01","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"414","Ordinal":"3","NoteData":"2013-12-01","Type":"Other","Title":"Modified"}]}}}