Lucene search

MitreCVE-2010-0363

HistoryJan 20, 2010 - 4:30 p.m.

CVE-2010-0363

2010-01-2016:30:00

CWE-79

mitre

web.nvd.nist.gov

cve-2010-0363

cross-site scripting

xss vulnerability

zeus web server

ssl

admin server

web script

html

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.8%

JSON

Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2002-1785.

Affected configurations

Nvd

Node

zeuszeus_web_serverRange≤4.3r4

zeuszeus_web_serverMatch3.3

zeuszeus_web_serverMatch3.4

zeuszeus_web_serverMatch4.1

zeuszeus_web_serverMatch4.1r1

zeuszeus_web_serverMatch4.2

zeuszeus_web_serverMatch4.2r2

zeuszeus_web_serverMatch4.3

zeuszeus_web_serverMatch4.3r3

VendorProductVersionCPE
zeuszeus_web_server*cpe:2.3:a:zeus:zeus_web_server:*:*:*:*:*:*:*:*
zeuszeus_web_server3.3cpe:2.3:a:zeus:zeus_web_server:3.3:*:*:*:*:*:*:*
zeuszeus_web_server3.4cpe:2.3:a:zeus:zeus_web_server:3.4:*:*:*:*:*:*:*
zeuszeus_web_server4.1cpe:2.3:a:zeus:zeus_web_server:4.1:*:*:*:*:*:*:*
zeuszeus_web_server4.1r1cpe:2.3:a:zeus:zeus_web_server:4.1r1:*:*:*:*:*:*:*
zeuszeus_web_server4.2cpe:2.3:a:zeus:zeus_web_server:4.2:*:*:*:*:*:*:*
zeuszeus_web_server4.2r2cpe:2.3:a:zeus:zeus_web_server:4.2r2:*:*:*:*:*:*:*
zeuszeus_web_server4.3cpe:2.3:a:zeus:zeus_web_server:4.3:*:*:*:*:*:*:*
zeuszeus_web_server4.3r3cpe:2.3:a:zeus:zeus_web_server:4.3r3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zeus	zeus_web_server	*	cpe:2.3:a:zeus:zeus_web_server::::::::
zeus	zeus_web_server	3.3	cpe:2.3:a:zeus:zeus_web_server:3.3:::::::*
zeus	zeus_web_server	3.4	cpe:2.3:a:zeus:zeus_web_server:3.4:::::::*
zeus	zeus_web_server	4.1	cpe:2.3:a:zeus:zeus_web_server:4.1:::::::*
zeus	zeus_web_server	4.1r1	cpe:2.3:a:zeus:zeus_web_server:4.1r1:::::::*
zeus	zeus_web_server	4.2	cpe:2.3:a:zeus:zeus_web_server:4.2:::::::*
zeus	zeus_web_server	4.2r2	cpe:2.3:a:zeus:zeus_web_server:4.2r2:::::::*
zeus	zeus_web_server	4.3	cpe:2.3:a:zeus:zeus_web_server:4.3:::::::*
zeus	zeus_web_server	4.3r3	cpe:2.3:a:zeus:zeus_web_server:4.3r3:::::::*

References

support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.8%

JSON

Related for CVE-2010-0363