Lucene search
CiscoCVE-2014-0735HistoryFeb 20, 2014 - 5:18 a.m.
CVE-2014-0735
2014-02-2005:18:04
CWE-79
cisco
web.nvd.nist.gov
30
cisco
unified communications manager
xss
vulnerability
ip manager assistant
cve-2014-0735
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
60.1%
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470.
Affected configurations
Node
ciscounified_communications_managerRange≤10.0\(1\)
ORciscounified_communications_managerMatch3.3\(5\)
ORciscounified_communications_managerMatch3.3\(5\)sr1
ORciscounified_communications_managerMatch3.3\(5\)sr2a
ORciscounified_communications_managerMatch4.1\(3\)
ORciscounified_communications_managerMatch4.1\(3\)sr1
ORciscounified_communications_managerMatch4.1\(3\)sr2
ORciscounified_communications_managerMatch4.1\(3\)sr3
ORciscounified_communications_managerMatch4.1\(3\)sr4
ORciscounified_communications_managerMatch4.2
ORciscounified_communications_managerMatch4.2.1
ORciscounified_communications_managerMatch4.2.2
ORciscounified_communications_managerMatch4.2.3
ORciscounified_communications_managerMatch4.2.3sr1
ORciscounified_communications_managerMatch4.2.3sr2
ORciscounified_communications_managerMatch4.2.3sr2b
ORciscounified_communications_managerMatch4.3
ORciscounified_communications_managerMatch10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5) | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr1 | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr2a | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3) | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr1 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr2 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr3 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr4 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.2 | cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2014-02-20 05:18:00
cvelist
cvelist
CVE-2014-0735
2014-02-20 02:00:00
cisco
cisco
seebug
seebug
Cisco Unified Communications Manager IPMA跨站脚本漏洞
2014-02-21 00:00:00
nvd
nvd
CVE-2014-0735
2014-02-20 05:18:04
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
60.1%
Related for CVE-2014-0735