Vulnerabilities

CVE-2019-9509

by Fred · 30/03/2020

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user account to execute arbitrary code.

Date published : 2020-03-30

https://www.vertiv.com/en-us/support/software-download/it-management/avocent-universal-management-gateway-appliance–software-downloads/

https://www.vertiv.com/en-us/support/software-download/software/trellis-enterprise-and-quick-start-solutions-software-downloads/

Similar

Tags: Cybersecurity Alert