CVE-2008-3821
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
References
jvn.jp/en/jp/JVN28344798/index.html
osvdb.org/51393
osvdb.org/51394
secunia.com/advisories/33461
securityreason.com/securityalert/4916
securitytracker.com/id?1021598
www.cisco.com/en/US/products/products_security_response09186a0080a5c501.html
www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19
www.securityfocus.com/archive/1/500063/100/0/threaded
www.securityfocus.com/bid/33260
www.vupen.com/english/advisories/2009/0138
exchange.xforce.ibmcloud.com/vulnerabilities/47947
Related
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%