Microsoft System Center Operations Manager Web Console Multiple XSS Vulnerabilities
Last Update Date:
9 Jan 2013 15:09
Release Date:
9 Jan 2013
5325
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Two cross-site scripting (XSS) vulnerabilities exist in System Center Operations Manager that could allow specially crafted script code to run under the guise of the server. These are non-persistent cross-site scripting vulnerabilities that could allow an attacker to issue commands to the System Center Operations Manager server in the context of the targeted user.
Impact
- Elevation of Privilege
System / Technologies affected
- Microsoft System Center Operations Manager 2007
- Microsoft System Center Operations Manager 2007 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/ms13-003
Vulnerability Identifier
Source
Related Link
Share with