Lucene search
CiscoCVE-2013-6698HistoryNov 22, 2013 - 7:55 p.m.
CVE-2013-6698
2013-11-2219:55:09
CWE-264
cisco
web.nvd.nist.gov
33
cisco
wlc
web interface
vulnerability
clickjacking
cross-frame scripting
nvd
cve-2013-6698
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
48.9%
The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a “cross-frame scripting (XFS)” issue, aka Bug ID CSCuf77821.
Affected configurations
Node
ciscowireless_lan_controller
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | wireless_lan_controller | * | cpe:2.3:h:cisco:wireless_lan_controller:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2013-11-22 19:55:00
nvd
nvd
CVE-2013-6698
2013-11-22 19:55:09
cisco
cisco
Cisco Wireless LAN Controller Cross-Frame Scripting Vulnerability
2013-11-22 16:02:24
cvelist
cvelist
CVE-2013-6698
2013-11-22 17:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
48.9%
Related for CVE-2013-6698