Description
Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
High
Attack Requirements
None
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
High
Integrity (Subsequent System)
Low
Availability (Subsequent System)
None
Affected products
- Broadcom / DX NetOps Spectrum24.3.9 and earlier – 24.3.9 and earlier
- Broadcom / DX NetOps Spectrum24.3.10 and later – 24.3.10 and later