CVE-2011-5184

medium

HPE

CVSS v3 Base Score

4.3

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Score

2.6%

Exploitation probability in 30 days

Top 14% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

None

Integrity

Availability

None

Published: September 20, 2012 (4984 days ago)

Last Modified: April 29, 2026

Vendor: HPE

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156.

CWE

CWE-79

Affected Products

hp network node manager i

References

🔗 0a29.blogspot.com 🔗 osvdb.org 🔗 osvdb.org 🔗 osvdb.org 🔗 osvdb.org

CVE-2011-5184

Vulnerability Report

Description

CWE

Affected Products

References