Lucene search

MitreCVE-2005-1006

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1006

2005-05-0204:00:00

CWE-79

mitre

web.nvd.nist.gov

xss

sonicwall

soho

5.1.7.0

remote attackers

web script

html

security vulnerability

nvd

cve-2005-1006

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.

Affected configurations

Nvd

Node

sonicwallsoho_firmwareMatch5.1.7.0

AND

sonicwallsohoMatch-

VendorProductVersionCPE
sonicwallsoho_firmware5.1.7.0cpe:2.3:o:sonicwall:soho_firmware:5.1.7.0:*:*:*:*:*:*:*
sonicwallsoho-cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sonicwall	soho_firmware	5.1.7.0	cpe:2.3:o:sonicwall:soho_firmware:5.1.7.0:::::::*
sonicwall	soho	-	cpe:2.3:h:sonicwall:soho:-:::::::*

References

archives.neohapsis.com/archives/bugtraq/2005-04/0041.html

secunia.com/advisories/14823

securitytracker.com/id?1013638

www.oliverkarow.de/research/SonicWall.txt

www.osvdb.org/15261

www.osvdb.org/15262

www.securityfocus.com/bid/12984

exchange.xforce.ibmcloud.com/vulnerabilities/19958

exchange.xforce.ibmcloud.com/vulnerabilities/19960

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.4%

JSON

Related for CVE-2005-1006