{"api_version":"1","generated_at":"2026-05-13T01:29:25+00:00","cve":"CVE-2014-0599","urls":{"html":"https://cve.report/CVE-2014-0599","api":"https://cve.report/api/cve/CVE-2014-0599.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2014-0599","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2014-0599"},"summary":{"title":"CVE-2014-0599","description":"Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","state":"PUBLISHED","assigner":"mitre","published_at":"2014-06-18 17:55:06","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-79","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"https://bugzilla.novell.com/show_bug.cgi?id=869975","name":"https://bugzilla.novell.com/show_bug.cgi?id=869975","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/59113","name":"http://secunia.com/advisories/59113","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Advisory SA59113 - Novell Open Enterprise Server Cross-Site Scripting and Directory Traversal Vulnerabilities - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.novell.com/support/kb/doc.php?id=7010867","name":"https://www.novell.com/support/kb/doc.php?id=7010867","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Support | Patches released for Open Enterprise Server 11 Support Pack 1 (OES11 SP1).","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2014-0599","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0599","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2014","cve_id":"599","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"novell","cpe5":"open_enterprise_server","cpe6":"11.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"linux_kernel","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T09:20:19.864Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.novell.com/support/kb/doc.php?id=7010867"},{"name":"59113","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/59113"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.novell.com/show_bug.cgi?id=869975"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-06-09T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2014-06-19T14:57:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.novell.com/support/kb/doc.php?id=7010867"},{"name":"59113","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/59113"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.novell.com/show_bug.cgi?id=869975"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2014-0599","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://www.novell.com/support/kb/doc.php?id=7010867","refsource":"CONFIRM","url":"https://www.novell.com/support/kb/doc.php?id=7010867"},{"name":"59113","refsource":"SECUNIA","url":"http://secunia.com/advisories/59113"},{"name":"https://bugzilla.novell.com/show_bug.cgi?id=869975","refsource":"CONFIRM","url":"https://bugzilla.novell.com/show_bug.cgi?id=869975"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2014-0599","datePublished":"2014-06-18T17:00:00.000Z","dateReserved":"2013-12-28T00:00:00.000Z","dateUpdated":"2024-08-06T09:20:19.864Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2014-06-18 17:55:06","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-79","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:novell:open_enterprise_server:11.0:sp1:*:*:*:linux_kernel:*:*","matchCriteriaId":"8BED3FC3-942C-4E55-84F5-B66D74E14DA3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2014","CveId":"599","Ordinal":"1","Title":"CVE-2014-0599","CVE":"CVE-2014-0599","Year":"2014"},"notes":[{"CveYear":"2014","CveId":"599","Ordinal":"1","NoteData":"Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","Type":"Description","Title":"CVE-2014-0599"},{"CveYear":"2014","CveId":"599","Ordinal":"2","NoteData":"2014-06-18","Type":"Other","Title":"Published"},{"CveYear":"2014","CveId":"599","Ordinal":"3","NoteData":"2014-06-19","Type":"Other","Title":"Modified"}]}}}