CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
58.7%
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCup90060.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | telepresence_server_software | 3.0(2.24) | cpe:2.3:a:cisco:telepresence_server_software:3.0\(2.24\):*:*:*:*:*:*:* |
cisco | telepresence_server_software | 3.1(1.98) | cpe:2.3:a:cisco:telepresence_server_software:3.1\(1.98\):*:*:*:*:*:*:* |
cisco | telepresence_server_software | 4.0(1.57) | cpe:2.3:a:cisco:telepresence_server_software:4.0\(1.57\):*:*:*:*:*:*:* |
cisco | telepresence_server_software | 4.0(2.8) | cpe:2.3:a:cisco:telepresence_server_software:4.0\(2.8\):*:*:*:*:*:*:* |