Published:2006/07/12  Last Updated:2015/10/21

JVN#76686161
ServerView cross-site scripting vulnerability

Overview

ServerView, server-monitoring software included with Fujitsu servers, contains a cross-site scripting vulnerability.

Products Affected

  • ServerView V2.50 - V3.60L98
  • ServerView V4.10L11 - V4.11L81

Description

Impact

An arbitrary script may be executed on the user's web browser.

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
FUJITSU LIMITED Vulnerable 2015/10/13

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Akira Takei reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2006-000633

Update History

2015/10/21
FUJITSU LIMITED update status