Lucene search
CiscoCVE-2014-3364HistoryDec 13, 2014 - 12:59 a.m.
CVE-2014-3364
2014-12-1300:59:00
CWE-79
cisco
web.nvd.nist.gov
21
cve-2014-3364
xss
web framework
cisco prime security manager
prsm
remote attackers
access policies
device summary dashboard
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.1%
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661.
Affected configurations
Node
ciscoprime_security_managerRange≤9.2.1-2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | prime_security_manager | * | cpe:2.3:a:cisco:prime_security_manager:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-3364
2014-12-13 00:59:00
prion
prion
Cross site scripting
2014-12-13 00:59:00
cvelist
cvelist
CVE-2014-3364
2014-12-13 00:00:00
cisco
cisco
Cisco Prime Security Manager Cross-Site Scripting Vulnerability
2014-12-12 18:01:55
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.1%
Related for CVE-2014-3364