Skip to main content

Microsoft System Center Operations Manager Web Console Multiple XSS Vulnerabilities

Last Update Date: 9 Jan 2013 15:09 Release Date: 9 Jan 2013 5325 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Two cross-site scripting (XSS) vulnerabilities exist in System Center Operations Manager that could allow specially crafted script code to run under the guise of the server. These are non-persistent cross-site scripting vulnerabilities that could allow an attacker to issue commands to the System Center Operations Manager server in the context of the targeted user.


Impact

  • Elevation of Privilege

System / Technologies affected

  • Microsoft System Center Operations Manager 2007
  • Microsoft System Center Operations Manager 2007 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link