Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-6436
HistoryOct 06, 2016 - 10:59 a.m.

CVE-2016-6436

2016-10-0610:59:17
CWE-79
[email protected]
web.nvd.nist.gov
6

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.4%

JSON

Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682.

Affected configurations

Nvd
Node
ciscohostscan_engineMatch3.0.08062
OR
ciscohostscan_engineMatch3.0.08066
OR
ciscohostscan_engineMatch3.1.01065
OR
ciscohostscan_engineMatch3.1.02016
OR
ciscohostscan_engineMatch3.1.02026
OR
ciscohostscan_engineMatch3.1.02040
OR
ciscohostscan_engineMatch3.1.02043
OR
ciscohostscan_engineMatch3.1.03103
OR
ciscohostscan_engineMatch3.1.03104
OR
ciscohostscan_engineMatch3.1.04060
OR
ciscohostscan_engineMatch3.1.04063
OR
ciscohostscan_engineMatch3.1.04075
OR
ciscohostscan_engineMatch3.1.04082
OR
ciscohostscan_engineMatch3.1.05152
OR
ciscohostscan_engineMatch3.1.05160
OR
ciscohostscan_engineMatch3.1.05163
OR
ciscohostscan_engineMatch3.1.05170
OR
ciscohostscan_engineMatch3.1.05178
OR
ciscohostscan_engineMatch3.1.05182
OR
ciscohostscan_engineMatch3.1.05183
OR
ciscohostscan_engineMatch3.1.06073
OR
ciscohostscan_engineMatch3.1.14018
VendorProductVersionCPE
ciscohostscan_engine3.0.08062cpe:2.3:a:cisco:hostscan_engine:3.0.08062:*:*:*:*:*:*:*
ciscohostscan_engine3.0.08066cpe:2.3:a:cisco:hostscan_engine:3.0.08066:*:*:*:*:*:*:*
ciscohostscan_engine3.1.01065cpe:2.3:a:cisco:hostscan_engine:3.1.01065:*:*:*:*:*:*:*
ciscohostscan_engine3.1.02016cpe:2.3:a:cisco:hostscan_engine:3.1.02016:*:*:*:*:*:*:*
ciscohostscan_engine3.1.02026cpe:2.3:a:cisco:hostscan_engine:3.1.02026:*:*:*:*:*:*:*
ciscohostscan_engine3.1.02040cpe:2.3:a:cisco:hostscan_engine:3.1.02040:*:*:*:*:*:*:*
ciscohostscan_engine3.1.02043cpe:2.3:a:cisco:hostscan_engine:3.1.02043:*:*:*:*:*:*:*
ciscohostscan_engine3.1.03103cpe:2.3:a:cisco:hostscan_engine:3.1.03103:*:*:*:*:*:*:*
ciscohostscan_engine3.1.03104cpe:2.3:a:cisco:hostscan_engine:3.1.03104:*:*:*:*:*:*:*
ciscohostscan_engine3.1.04060cpe:2.3:a:cisco:hostscan_engine:3.1.04060:*:*:*:*:*:*:*
Rows per page:
1-10 of 221

Related

cvelist 1
prion 1
cisco 1
cve 1
cvelist
cvelist
CVE-2016-6436
2016-10-06 10:00:00
prion
prion
Cross site scripting
2016-10-06 10:59:00
cisco
cisco
Cisco Host Scan Package Cross-Site Scripting Vulnerability
2016-10-05 16:00:00
cve
cve
CVE-2016-6436
2016-10-06 10:59:17

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.4%

JSON
Related for NVD:CVE-2016-6436
cvelist1prion1cisco1cve1