- Community Home
- >
- Networking
- >
- Security e-Series
- >
- cross-site scripting vulnerability. 3com switch 42...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-29-2010 03:32 PM
11-29-2010 03:32 PM
cross-site scripting vulnerability. 3com switch 4210
I have a HP / 3com 4210 18 port switch on my network, which failed PCI compliance due to a cross site scripting vulnerability via the web interface.
Is there a firmware fix for this? If not, is it possible to disable the web interface or port 80?
Any suggestions apperciated
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-29-2010 11:51 PM - edited 11-29-2010 11:53 PM
11-29-2010 11:51 PM - edited 11-29-2010 11:53 PM
Re: cross-site scripting vulnerability. 3com switch 4210
Hi,
You can restrict access to the web gui via ip http acl <acl> or disable it with undo ip http in system-view.
Regards
Fredrik
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2010 10:30 AM
11-30-2010 10:30 AM
Re: cross-site scripting vulnerability. 3com switch 4210
Thanks Fredrik, that's exactly what i was loking for. I connected via CLI, went to system-view and entered undo ip http shutdown, and it disabled the web service.