CVE-2014-0338

2014-03-1614:06:45

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter.

Affected configurations

Nvd

Node

watchguardfirewareRange≤11.8.1

watchguardfirewareMatch11.6

watchguardfirewareMatch11.6.1

watchguardfirewareMatch11.6.3

watchguardfirewareMatch11.6.5

watchguardfirewareMatch11.6.6

watchguardfirewareMatch11.7

watchguardfirewareMatch11.7.2

watchguardfirewareMatch11.7.3

watchguardfirewareMatch11.7.4

watchguardfirewareMatch11.8

VendorProductVersionCPE
watchguardfireware*cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*
watchguardfireware11.6cpe:2.3:o:watchguard:fireware:11.6:*:*:*:*:*:*:*
watchguardfireware11.6.1cpe:2.3:o:watchguard:fireware:11.6.1:*:*:*:*:*:*:*
watchguardfireware11.6.3cpe:2.3:o:watchguard:fireware:11.6.3:*:*:*:*:*:*:*
watchguardfireware11.6.5cpe:2.3:o:watchguard:fireware:11.6.5:*:*:*:*:*:*:*
watchguardfireware11.6.6cpe:2.3:o:watchguard:fireware:11.6.6:*:*:*:*:*:*:*
watchguardfireware11.7cpe:2.3:o:watchguard:fireware:11.7:*:*:*:*:*:*:*
watchguardfireware11.7.2cpe:2.3:o:watchguard:fireware:11.7.2:*:*:*:*:*:*:*
watchguardfireware11.7.3cpe:2.3:o:watchguard:fireware:11.7.3:*:*:*:*:*:*:*
watchguardfireware11.7.4cpe:2.3:o:watchguard:fireware:11.7.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
watchguard	fireware	*	cpe:2.3:o:watchguard:fireware::::::::
watchguard	fireware	11.6	cpe:2.3:o:watchguard:fireware:11.6:::::::*
watchguard	fireware	11.6.1	cpe:2.3:o:watchguard:fireware:11.6.1:::::::*
watchguard	fireware	11.6.3	cpe:2.3:o:watchguard:fireware:11.6.3:::::::*
watchguard	fireware	11.6.5	cpe:2.3:o:watchguard:fireware:11.6.5:::::::*
watchguard	fireware	11.6.6	cpe:2.3:o:watchguard:fireware:11.6.6:::::::*
watchguard	fireware	11.7	cpe:2.3:o:watchguard:fireware:11.7:::::::*
watchguard	fireware	11.7.2	cpe:2.3:o:watchguard:fireware:11.7.2:::::::*
watchguard	fireware	11.7.3	cpe:2.3:o:watchguard:fireware:11.7.3:::::::*
watchguard	fireware	11.7.4	cpe:2.3:o:watchguard:fireware:11.7.4:::::::*