Lucene search

[email protected]CVE-2009-5086

HistorySep 02, 2011 - 5:55 p.m.

CVE-2009-5086

2011-09-0217:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2009-5086

cross-site scripting

xss

appliance configuration manager

acm

juniper idp

nvd

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.7%

JSON

Cross-site scripting (XSS) vulnerability in Appliance Configuration Manager (ACM) in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
juniper:idpjuniper idpeq4.1
juniper:idpjuniper idpeq4.1r2
juniper:idpjuniper idpeq4.2
juniper:idpjuniper idpeq4.1r1

CPE	Name	Operator	Version
juniper:idp	juniper idp	eq	4.1
juniper:idp	juniper idp	eq	4.1r2
juniper:idp	juniper idp	eq	4.2
juniper:idp	juniper idp	eq	4.1r1

References

jvn.jp/en/jp/JVN44642341/index.html

jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000071.html

s-tools1.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-01-191&viewMode=view

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.7%

JSON

Related for CVE-2009-5086

cvelist1 prion1 jvn1