Lucene search

[email protected]NVD:CVE-2013-3416

HistoryJul 10, 2013 - 9:55 p.m.

CVE-2013-3416

2013-07-1021:55:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.9%

JSON

Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.

Affected configurations

Nvd

Node

ciscounified_operations_managerMatch-

ciscounified_service_monitorMatch-

VendorProductVersionCPE
ciscounified_operations_manager-cpe:2.3:a:cisco:unified_operations_manager:-:*:*:*:*:*:*:*
ciscounified_service_monitor-cpe:2.3:a:cisco:unified_service_monitor:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_operations_manager	-	cpe:2.3:a:cisco:unified_operations_manager:-:::::::*
cisco	unified_service_monitor	-	cpe:2.3:a:cisco:unified_service_monitor:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3416

www.securitytracker.com/id/1028765

www.securitytracker.com/id/1028766

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.9%

JSON

Related for NVD:CVE-2013-3416

cvelist1 prion1 cisco1 cve1