Unrated severityNVD Advisory· Published Sep 15, 2010· Updated Apr 29, 2026

CVE-2010-3010

Description

Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.

Affected products

Microfocus/3crevf100 73
cpe:2.3:h:hp:3crevf100-73:*:*:*:*:*:*:*:*
Microfocus/3com Officeconnect Gigabit VPN Firewall Software2 versions
cpe:2.3:o:hp:3com_officeconnect_gigabit_vpn_firewall_software:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:hp:3com_officeconnect_gigabit_vpn_firewall_software:*:*:*:*:*:*:*:*range: <=1.0.12
- cpe:2.3:o:hp:3com_officeconnect_gigabit_vpn_firewall_software:1.0.8:*:*:*:*:*:*:*
Microfocus/3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73llm-create
Range: <1.0.13

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000