{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T14:43:53.092","vulnerabilities":[{"cve":{"id":"CVE-2014-0883","sourceIdentifier":"psirt@us.ibm.com","published":"2018-04-20T21:29:00.220","lastModified":"2024-11-21T02:02:58.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  91163."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) en IBM Power Hardware Management Console (HMC) 7R7.1.0, 7R7.2.0, 7R7.3.0 hasta 7R7.3.5, 7R7.7.0 hasta SP3 y 7R7.8.0 anterior al SP1 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante el nombre de usuario en la pantalla de inicio de sesión. IBM X-Force ID: 91163."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:*:*:*:*:*:*:*","matchCriteriaId":"F8713B22-6C55-4037-8DA2-F8AEB1DFFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"7BF8EB61-22AB-4539-85D4-FCEDD1DF8359"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1BABBB52-A944-4B6F-8454-C87F2FEB122A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.3.5:*:*:*:*:*:*:*","matchCriteriaId":"0EF8E1AC-5818-4B38-B5CA-C4DED4971651"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9AF51303-BBC1-4F08-9679-B921DD1BE1AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8D81C766-D383-41FD-AF67-68CC347C988B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.6.0:*:*:*:*:*:*:*","matchCriteriaId":"33C1B1E5-7443-48EB-805C-C857CE7E7488"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.7.0:*:*:*:*:*:*:*","matchCriteriaId":"1E755A0F-E499-4AD0-81B3-CD51F84F677A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.7.0:sp1:*:*:*:*:*:*","matchCriteriaId":"C6D26DF4-BFBF-423F-B475-A3305CE3C7B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.7.0:sp2:*:*:*:*:*:*","matchCriteriaId":"B4D2E5AC-81C7-4510-9A2A-01F90CC58AA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:power_hardware_management_console:7r7.8.0:*:*:*:*:*:*:*","matchCriteriaId":"92B51D48-A9F6-4FBF-9E71-9FCC94B0BE45"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91163","source":"psirt@us.ibm.com"},{"url":"https://www.ibm.com/support/pages/security-bulletin-power-hardware-management-console-hmc-cve-2014-0883","source":"psirt@us.ibm.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91163","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.ibm.com/support/pages/security-bulletin-power-hardware-management-console-hmc-cve-2014-0883","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}