Lucene search

[email protected]NVD:CVE-2004-0606

HistoryDec 06, 2004 - 5:00 a.m.

CVE-2004-0606

2004-12-0605:00:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.012

Percentile

85.4%

JSON

Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to execute arbitrary scripts as other users via the (1) CLIENTID or (2) HOSTNAME option of a DHCP request.

Affected configurations

Nvd

Node

infobloxdns_one_applianceMatch2.4.0.8

infobloxdns_one_applianceMatch2.4.0.8a

VendorProductVersionCPE
infobloxdns_one_appliance2.4.0.8cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8:*:*:*:*:*:*:*
infobloxdns_one_appliance2.4.0.8acpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
infoblox	dns_one_appliance	2.4.0.8	cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8:::::::*
infoblox	dns_one_appliance	2.4.0.8a	cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8a:::::::*

References

marc.info/?l=bugtraq&m=108769996925349&w=2

www.securityfocus.com/bid/10573

exchange.xforce.ibmcloud.com/vulnerabilities/16456

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.012

Percentile

85.4%

JSON

Related for NVD:CVE-2004-0606

cvelist1 cve1