216.73.216.86

CVE-2025-8153

· Published 17/09/2025 02:15 · Modified 17/09/2025 14:18

Labels: CVE-2025-8153 2025-09-17CVE-2025-8153CWE-79[email protected]

Essential information

Published
17/09/2025 02:15
Modified
17/09/2025 14:18
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
nec / univerge ix cpe:2.3:a:nec:univerge_ix:9.5:*:*:*:*:*:*:*
nec / univerge ix cpe:2.3:a:nec:univerge_ix:10.7:*:*:*:*:*:*:*
nec / univerge ix cpe:2.3:a:nec:univerge_ix:10.8.21-10.8.36:*:*:*:*:*:*:*
nec / univerge ix cpe:2.3:a:nec:univerge_ix:10.9.11-10.9.24:*:*:*:*:*:*:*
nec / univerge ix cpe:2.3:a:nec:univerge_ix:10.10.21-10.10.31:*:*:*:*:*:*:*
nec / univerge ix cpe:2.3:a:nec:univerge_ix:10.11.6:*:*:*:*:*:*:*
nec / univerge ix-r cpe:2.3:a:nec:univerge_ix-r:1.3.16:*:*:*:*:*:*:*
nec / univerge ix-v cpe:2.3:a:nec:univerge_ix-v:1.3.21:*:*:*:*:*:*:*

References