CVE Vulnerability

CVE-2008-4119

Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms."

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://community.ca.com/blogs/casecurityresponseblog/archive/2008/09/25.aspx
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=186585
http://www.securityfocus.com/bid/31412
http://secunia.com/advisories/32038 Vendor Advisory
http://securityreason.com/securityalert/4318
http://www.vupen.com/english/advisories/2008/2673
http://www.securitytracker.com/id?1020949
https://exchange.xforce.ibmcloud.com/vulnerabilities/45416
http://www.securityfocus.com/archive/1/496755/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:ca:cmdb:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:cmdb:11.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:cmdb:11.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:service_desk:11.2:*:*:*:*:*:*:*
Information

Published : 2008-09-27 10:30

Updated : 2021-04-09 06:54

NVD link : CVE-2008-4119

Mitre link : CVE-2008-4119

Products Affected
No products.
CWE
CWE-79