Lucene search

[email protected]CVE-2006-4909

HistorySep 21, 2006 - 12:07 a.m.

CVE-2006-4909

2006-09-2100:07:00

[email protected]

web.nvd.nist.gov

cve-2006-4909

xss

cisco

ddos

mitigation

appliance

nvd

security vulnerability

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via certain character sequences in a URL that are not properly handled when the appliance sends a meta-refresh.

Affected configurations

NVD

Node

ciscoguard_ddos_mitigation_applianceRange≤5.1\(5\)

CPENameOperatorVersion
cisco:guard_ddos_mitigation_appliancecisco guard ddos mitigation appliancele5.1\(5\)

CPE	Name	Operator	Version
cisco:guard_ddos_mitigation_appliance	cisco guard ddos mitigation appliance	le	5.1\(5\)

References

secunia.com/advisories/21962

securitytracker.com/id?1016890

www.cisco.com/warp/public/707/cisco-sa-20060920-guardxss.shtml

www.osvdb.org/29035

www.securityfocus.com/bid/20122

www.vupen.com/english/advisories/2006/3720

exchange.xforce.ibmcloud.com/vulnerabilities/29057

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2006-4909

nvd1 cvelist1 cisco1