{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Power HMC","vendor":"IBM","versions":[{"lessThanOrEqual":"7.8.0","status":"affected","version":"7.1.0","versionType":"semver"},{"status":"affected","version":"7.3.5"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  91163."}],"value":"IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  91163."}],"metrics":[{"cvssV2_0":{"accessComplexity":"MEDIUM","accessVector":"NETWORK","authentication":"NONE","availabilityImpact":"NONE","baseScore":4.3,"confidentialityImpact":"NONE","integrityImpact":"PARTIAL","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","version":"2.0"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2023-11-09T01:18:33.347Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/security-bulletin-power-hardware-management-console-hmc-cve-2014-0883"},{"tags":["vdb-entry"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91163"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Power Hardware Management Console cross-site scripting","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T09:27:20.087Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://www.ibm.com/support/pages/security-bulletin-power-hardware-management-console-hmc-cve-2014-0883"},{"tags":["vdb-entry","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91163"}]}]},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2014-0883","datePublished":"2018-04-20T21:00:00.000Z","dateReserved":"2014-01-06T00:00:00.000Z","dateUpdated":"2024-08-06T09:27:20.087Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}