Lucene search
CiscoCVE-2014-2114HistoryApr 04, 2014 - 3:10 p.m.
CVE-2014-2114
2014-04-0415:10:20
CWE-79
cisco
web.nvd.nist.gov
21
cve-2014-2114
cross-site scripting
xss vulnerability
userservlet
cisco emergency responder
er 8.6
bug id cscun24384
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.002
Percentile
60.1%
Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384.
Affected configurations
Node
ciscoemergency_responderRange≤8.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | emergency_responder | * | cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-2114
2014-04-04 15:10:20
prion
prion
Cross site scripting
2014-04-04 15:10:00
cisco
cisco
Cisco Emergency Responder Cross-Site Scripting Vulnerability
2014-04-03 19:57:27
cvelist
cvelist
CVE-2014-2114
2014-04-04 15:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.002
Percentile
60.1%
Related for CVE-2014-2114