Detections
Analytics

CVE-2014-2370

medium

Description

Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

References

http://www.securityfocus.com/bid/68836

http://ics-cert.us-cert.gov/advisories/ICSA-14-203-01

Details

Source: Mitre, NVD

Published: 2014-07-24

Updated: 2015-10-08

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium