Unrated severityNVD Advisory· Published Aug 17, 2012· Updated Apr 29, 2026
CVE-2012-3296
CVE-2012-3296
Description
Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
9cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:sp0:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.1.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.2.0:sp0:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.2.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:power_hardware_management_console:7r7.3.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_the_help_link_on_the_power_hmc_login_panel_is_susceptible_to_reflected_cross_site_scripting_cve_2012_329617nvdVendor Advisory
- secunia.com/advisories/50376nvd
- www.ibm.com/support/docview.wssnvd
- www.ibm.com/support/docview.wssnvd
- www.ibm.com/support/docview.wssnvd
- www.ibm.com/support/fixcentral/firmware/readmenvd
- www.ibm.com/support/fixcentral/firmware/readmenvd
- www.ibm.com/support/fixcentral/firmware/readmenvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/77288nvd
News mentions
0No linked articles in our index yet.