Lucene search

[email protected]CVE-2009-4608

HistoryJan 13, 2010 - 11:30 a.m.

CVE-2009-4608

2010-01-1311:30:00

CWE-79

[email protected]

web.nvd.nist.gov

cve

2009

4608

cross-site scripting

xss

canon

accessguardian

nvd

security vulnerability

web script

html

remote attackers

authentication

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. ACCESSGUARDIAN 3.0.14 and earlier, and 3.5.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to authentication.

Affected configurations

NVD

Node

canon-itsaccessguardianRange3.0–3.0.14

canon-itsaccessguardianRange3.5–3.5.6

CPENameOperatorVersion
canon-its:accessguardiancanon-its accessguardianle3.0.14
canon-its:accessguardiancanon-its accessguardianle3.5.6

CPE	Name	Operator	Version
canon-its:accessguardian	canon-its accessguardian	le	3.0.14
canon-its:accessguardian	canon-its accessguardian	le	3.5.6

References

canon-its.jp/guardian/topics/200910ag.html

jvn.jp/en/jp/JVN33822756/index.html

jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000066.html

osvdb.org/59058

secunia.com/advisories/37045

www.vupen.com/english/advisories/2009/2973

exchange.xforce.ibmcloud.com/vulnerabilities/53822

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.2%

JSON

Related for CVE-2009-4608

prion1 nvd1 cvelist1 jvn1