Lucene search

[email protected]NVD:CVE-2013-3440

HistoryJul 23, 2013 - 5:20 p.m.

CVE-2013-3440

2013-07-2317:20:53

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.003

Percentile

65.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.

Affected configurations

Nvd

Node

ciscounified_operations_managerMatch-

VendorProductVersionCPE
ciscounified_operations_manager-cpe:2.3:a:cisco:unified_operations_manager:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_operations_manager	-	cpe:2.3:a:cisco:unified_operations_manager:-:::::::*

References

osvdb.org/95584

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440

tools.cisco.com/security/center/viewAlert.x?alertId=30175

www.securityfocus.com/bid/61414

www.securitytracker.com/id/1028819

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.003

Percentile

65.3%

JSON

Related for NVD:CVE-2013-3440

cve1 cisco1 prion1 cvelist1