Lucene search
CertccCVE-2011-4054HistoryDec 08, 2011 - 11:55 a.m.
CVE-2011-4054
2011-12-0811:55:01
CWE-79
certcc
web.nvd.nist.gov
28
cve-2011-4054
cross-site scripting
xss
ca siteminder
remote attackers
web script
html
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
52.2%
Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter.
Affected configurations
Node
casiteminderRange≤6sp6
ORcasiteminderRange≤12sp3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ca | siteminder | * | cpe:2.3:a:ca:siteminder:*:sp6:*:*:*:*:*:* |
| ca | siteminder | * | cpe:2.3:a:ca:siteminder:*:sp3:*:*:*:*:*:* |
Related
cert
cert
CA Siteminder login.fcc form xss vulnerability
2011-12-07 00:00:00
prion
prion
Cross site scripting
2011-12-08 11:55:00
securityvulns
securityvulns
CA20111208-01: Security Notice for CA SiteMinder
2011-12-11 00:00:00
CA SiteMidner crossite scripting
2011-12-11 00:00:00
cvelist
cvelist
CVE-2011-4054
2011-12-08 11:00:00
openvas
openvas
CA SiteMinder 'target' Parameter Cross-Site Scripting Vulnerability
2011-12-19 00:00:00
nvd
nvd
CVE-2011-4054
2011-12-08 11:55:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
52.2%
Related for CVE-2011-4054