CVE-2025-8153_CVE-2025-8153

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.

Basic Information

ID CVE-2025-8153

Source NEC

Published Sep 17, 2025 at 02:10

Affected Product

Vendor NEC Corporation

Product UNIVERGE IX

Version from Ver.9.5 to Ver.10.7

Affected Versions NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7
NEC Corporation UNIVERGE IX from Ver.10.8.21 to Ver.10.8.36
NEC Corporation UNIVERGE IX from Ver.10.9.11 to Ver.10.9.24
NEC Corporation UNIVERGE IX from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6
NEC Corporation UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21

CWE Classification

CWE-79

References

jpn.nec.com /security-info/secinfo/nv25-005_en.html

{
    "lastseen": "",
    "description": "Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an arbitrary scripts may be executed on the user's browser.",
    "published": "2025-09-17T02:10:09.645Z",
    "modified": "2025-09-17T02:10:50.272Z",
    "type": "cve",
    "title": "CVE-2025-8153",
    "source": "NEC",
    "references": "https://jpn.nec.com/security-info/secinfo/nv25-005_en.html",
    "id": "CVE-2025-8153",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7\nNEC Corporation UNIVERGE IX from Ver.10.8.21 to Ver.10.8.36\nNEC Corporation UNIVERGE IX from Ver.10.9.11 to Ver.10.9.24\nNEC Corporation UNIVERGE IX from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6\nNEC Corporation UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "UNIVERGE IX",
    "version": "from Ver.9.5 to Ver.10.7",
    "vendor": "NEC Corporation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}