Medium severity6.1NVD Advisory· Published Mar 1, 2017· Updated May 13, 2026

CVE-2016-8232

Description

Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.

Affected products

IBM/Advanced Management Module Firmware
cpe:2.3:o:ibm:advanced_management_module_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/95839nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/121443nvdThird Party Advisory
support.lenovo.com/us/en/product_security/LEN-5700nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000