infovista CVE Vulnerabilities & Metrics

Focus on infovista vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About infovista Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with infovista. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total infovista CVEs: 26
Earliest CVE date: 23 Feb 2006, 23:02 UTC
Latest CVE date: 17 Dec 2018, 15:29 UTC

Latest CVE reference: CVE-2018-19822

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical infovista CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.35

Max CVSS: 5.0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	0
4.0-6.9	28
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS infovista CVEs

These are the five CVEs with the highest CVSS scores for infovista, sorted by severity first and recency.

CVE-2006-0862 infovista Published on 23 Feb 2006, 23:02 UTC (CVSS: 5.0)
Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL.
CVE-2006-0863 infovista Published on 23 Feb 2006, 23:02 UTC (CVSS: 5.0)
InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive information by specifying a nonexistent server in the server field, which reveals the path in an error message.
CVE-2018-19822 infovista Published on 17 Dec 2018, 15:29 UTC (CVSS: 4.3)
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.
CVE-2018-19821 infovista Published on 17 Dec 2018, 15:29 UTC (CVSS: 4.3)
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter.
CVE-2018-19820 infovista Published on 17 Dec 2018, 15:29 UTC (CVSS: 4.3)
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter.

All CVEs for infovista

CVE-2018-19822 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVE-2018-19821 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19820 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19819 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Rights.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19818 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Contacts.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19817 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVE-2018-19816 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/categorytree/ChooseCategory.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19815 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/UserPopupAddNewProp.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19814 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscriptions.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVE-2018-19813 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.

CVE-2018-19812 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter.

CVE-2018-19811 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Import.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19810 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.

CVE-2018-19809 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupCopy.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.

CVE-2018-19775 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVE-2018-19774 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.

CVE-2018-19773 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.

CVE-2018-19772 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.

CVE-2018-19771 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter.

CVE-2018-19770 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19769 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19768 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVE-2018-19767 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.

CVE-2018-19766 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter.

CVE-2018-19765 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.

CVE-2018-19649 infovista vulnerability CVSS: 4.3 17 Dec 2018, 15:29 UTC

XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter.

CVE-2006-0862 infovista vulnerability CVSS: 5.0 23 Feb 2006, 23:02 UTC

Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL.

CVE-2006-0863 infovista vulnerability CVSS: 5.0 23 Feb 2006, 23:02 UTC

InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive information by specifying a nonexistent server in the server field, which reveals the path in an error message.