FKIE_CVE-2014-3960
Vulnerability from fkie_nvd - Published: 2014-06-04 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opennms:opennms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDE1B61-54F1-4C33-804D-7046283FACC1",
"versionEndIncluding": "1.12.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB8E149-D400-47E4-8185-118962F38216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E1350D-AA86-41B9-AFF4-8E71BDB8F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3C7E1F5-19FF-4047-BB45-EAF2411774BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B004DE5-D945-4D3A-99CA-E4499B4D2D3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3D4B55A4-156C-471F-AD98-1DA73F731656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DE5844-E9EA-4804-BA2C-B655731C2806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "964DA1E2-531A-4E9F-ABB8-412E20F650BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5A340575-769F-43EB-86F9-630E8AFC42C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "530B5A89-B0B6-46FB-B2B1-78C8FA6A0A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.90:*:*:*:*:*:*:*",
"matchCriteriaId": "713E0914-D06D-49B5-BF19-C82BF690EC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E086AAB1-872B-4837-A81F-03E6E1176BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.92:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F555D4-7791-4757-B189-91C2EA2E156D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.9.93:*:*:*:*:*:*:*",
"matchCriteriaId": "A12A6B5B-E50B-4E6E-9401-171AEA2A944D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203991AE-A7C4-4DC3-8FE3-B183553E95B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B82EA59-A325-42CD-B82B-CFC63591BF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "20860B36-F965-4605-A942-20DFDF9FF220",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F488842F-6F00-46CC-BF40-B664BF9F18E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3E9F6B-A9BB-45E2-88B9-6BB9F890B884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC947C4-DDB0-487A-9CBB-E4E252DF8436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "92351679-2FDE-405A-B896-4FAFECCA05DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4128AB85-A410-471F-ADE5-08C3BACE4BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F8323FE6-EFB9-4CDD-B1D9-BB15FBBF72E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3D364F5E-363E-4059-BCFB-9AD2E39D382A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAC8475-7ADC-41DD-9CD4-E6A873428B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83A1B7AA-7081-4CD1-93A3-0A9D85F079DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF32F64-098E-4A36-9D28-40E9A1C6F373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "38C336E7-1B97-4394-9E33-F5D048654CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.10.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F646ACC2-F668-4682-B676-2F653579D0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB09E4F1-FDCA-4711-A9B5-1E7D4E16D5C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57607094-2E64-4A9A-9442-0A5B75C61A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99720A9E-51D7-4A76-80EE-21E8A9AA4407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC1AEFD-B3B8-4127-9120-EAFBD78F1D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.90:*:*:*:*:*:*:*",
"matchCriteriaId": "22B94894-91D0-4ED3-A932-730004DF4327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.91:*:*:*:*:*:*:*",
"matchCriteriaId": "329B6328-4D46-4356-A423-496096967657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.92:*:*:*:*:*:*:*",
"matchCriteriaId": "D845B751-9190-4A3C-BD68-14A6D77D1F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.93:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA44DA3-25A2-4D69-BAC4-7A1E91F5E11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.11.94:*:*:*:*:*:*:*",
"matchCriteriaId": "3019863B-C16F-40D6-B3EC-121E8691468B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC9B0F7-8BB2-48F0-ADB8-B8E4A3F06ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7DAD8-C8C7-4CBE-B519-5954D355DBBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71ED2D93-52BE-49F2-8799-F574DC50D182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0EB387-D9BE-4C90-B670-2273D1A19761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8BCAF0-4E9B-43B0-A510-E53F10A76B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opennms:opennms:1.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC92D17-E2AB-4FC1-A9D6-A4709803CFCB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en OpenNMS anterior a 1.12.7 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3960",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-06-04T14:55:06.560",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/58748"
},
{
"source": "cve@mitre.org",
"url": "http://www.opennms.org/documentation/ReleaseNotesStable.html#opennms-1.12.7"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/67774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.opennms.org/documentation/ReleaseNotesStable.html#opennms-1.12.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67774"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…