American Power Conversion Corp. Information for VU#166739
APC Network Management Card web interface vulnerable to cross-site scripting and cross-site request forgery
- Vendor Information Help Date Notified:
- Statement Date: 23 Dec 2009
- Date Updated: 24 Feb 2010
Update NMC firmware as specified by APC. Release notes indicate that these vulnerabilities are addressed in firmware version 3.7.2 for certain NMCs. APC has indicated that the vulnerabilities are also addressed in firmware version 5.1.1.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.