Lucene search
CiscoCVE-2014-3344HistoryAug 28, 2014 - 1:55 a.m.
CVE-2014-3344
2014-08-2801:55:03
CWE-79
cisco
web.nvd.nist.gov
23
cve-2014-3344
cross-site scripting
xss
cisco transport gateway
smart call home
tg-sch
transport gateway installation software
bug ids
cscuq31129
cscuq31134
cscuq31137
cscuq31563
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.7%
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563.
Affected configurations
Node
ciscotransport_gateway_installation_softwareMatch4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | transport_gateway_installation_software | 4.0 | cpe:2.3:a:cisco:transport_gateway_installation_software:4.0:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-3344
2014-08-28 01:55:03
prion
prion
Cross site scripting
2014-08-28 01:55:00
cvelist
cvelist
CVE-2014-3344
2014-08-28 01:00:00
cisco
cisco
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.7%
Related for CVE-2014-3344