Lucene search

[email protected]CVE-2008-3482

HistoryAug 05, 2008 - 8:41 p.m.

CVE-2008-3482

2008-08-0520:41:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-3482

cross-site scripting

xss

vulnerability

panasonic network camera

remote attackers

web script

html

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.2%

JSON

Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

panasonicbb_hcm511Match3.20r01

panasonicbb_hcm515Match3.20r01

panasonicbb_hcm527Match3.30r01

panasonicbb_hcm531Match3.20r01

panasonicbb_hcm580Match3.21r00

panasonicbb_hcm581Match3.21r00

panasonicbl_c111Match3.14r02

panasonicbl_c131Match3.14r03

CPENameOperatorVersion
panasonic:bb_hcm511panasonic bb hcm511eq3.20
panasonic:bb_hcm515panasonic bb hcm515eq3.20
panasonic:bb_hcm527panasonic bb hcm527eq3.30
panasonic:bb_hcm531panasonic bb hcm531eq3.20
panasonic:bb_hcm580panasonic bb hcm580eq3.21
panasonic:bb_hcm581panasonic bb hcm581eq3.21
panasonic:bl_c111panasonic bl c111eq3.14
panasonic:bl_c131panasonic bl c131eq3.14

CPE	Name	Operator	Version
panasonic:bb_hcm511	panasonic bb hcm511	eq	3.20
panasonic:bb_hcm515	panasonic bb hcm515	eq	3.20
panasonic:bb_hcm527	panasonic bb hcm527	eq	3.30
panasonic:bb_hcm531	panasonic bb hcm531	eq	3.20
panasonic:bb_hcm580	panasonic bb hcm580	eq	3.21
panasonic:bb_hcm581	panasonic bb hcm581	eq	3.21
panasonic:bl_c111	panasonic bl c111	eq	3.14
panasonic:bl_c131	panasonic bl c131	eq	3.14

References

jvn.jp/en/jp/JVN33706820/index.html

jvndb.jvn.jp/contents/ja/2008/JVNDB-2008-000037.html

panasonic.net/pcc/support/netwkcam/support/info_xss.html

secunia.com/advisories/31304

www.vupen.com/english/advisories/2008/2257/references

exchange.xforce.ibmcloud.com/vulnerabilities/44118

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.2%

JSON

Related for CVE-2008-3482

nvd1 cvelist1 jvn1 prion1