Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

American Power Conversion Corp. Information for VU#166739

Date Notified:
Date Updated:2010-02-24
Statement Date:2009-12-23
Status Summary:Vulnerable

Vendor Statement

Please see Cross Site Scripting & Forgery Issue (XSS/CSRF) in NMC-Based Products.

Vendor Information

Update NMC firmware as specified by APC. Release notes indicate that these vulnerabilities are addressed in firmware version 3.7.2 for certain NMCs. APC has indicated that the vulnerabilities are also addressed in firmware version 5.1.1.

Vendor References

http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=10887&p_created=1261587018&p_topview=1

http://www.apcmedia.com/salestools/PMAR-82BMH5_R0_EN.zip

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2012 by US-CERT, a government organization
Disclaimers and copyright information