Microsoft System Center Configuration Manager XSS Vulnerability
Last Update Date:
12 Sep 2012 12:36
Release Date:
12 Sep 2012
4946
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
A cross-site scripting (XSS) vulnerability exists in System Center Configuration Manager where code can be injected back to the user in the resulting page, effectively allowing attacker-controlled code to run in the context of the user clicking the link.
Impact
- Cross-Site Scripting
- Elevation of Privilege
System / Technologies affected
- Microsoft Systems Management Server 2003 Service Pack 3
- Microsoft System Center Configuration Manager 2007 Service Pack 2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/MS12-062
Vulnerability Identifier
Source
Related Link
Share with