Lucene search

[email protected]CVE-2010-1355

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-1355

2022-10-0316:20:58

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-1355

cross-site scripting

xss

tandberg video communication server

vcs

remote attackers

web script

html

reference id 66316

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.2%

JSON

Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316.

Affected configurations

NVD

Node

vsecuritytandberg_video_communication_serverRange≤x4.3.0

vsecuritytandberg_video_communication_serverMatchx1.0.0

vsecuritytandberg_video_communication_serverMatchx1.1.0

vsecuritytandberg_video_communication_serverMatchx1.2.0

vsecuritytandberg_video_communication_serverMatchx2.0.0

vsecuritytandberg_video_communication_serverMatchx2.1.0

vsecuritytandberg_video_communication_serverMatchx3.0.0

vsecuritytandberg_video_communication_serverMatchx3.1.0

vsecuritytandberg_video_communication_serverMatchx4.1.0

vsecuritytandberg_video_communication_serverMatchx4.2.0

vsecuritytandberg_video_communication_serverMatchx4.2.1

CPENameOperatorVersion
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication serverlex4.3.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.0.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx1.2.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx2.0.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx2.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx3.0.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx3.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx4.1.0
vsecurity:tandberg_video_communication_servervsecurity tandberg video communication servereqx4.2.0

CPE	Name	Operator	Version
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	le	x4.3.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.0.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x1.2.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x2.0.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x2.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x3.0.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x3.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x4.1.0
vsecurity:tandberg_video_communication_server	vsecurity tandberg video communication server	eq	x4.2.0

Rows per page:

1-10 of 111

References

ftp.tandberg.com/pub/software/vcs/TANDBERG%20Video%20Communication%20Server%20Software%20Release%20Notes%20%28X5%29.pdf

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.2%

JSON

Related for CVE-2010-1355

cvelist1 nvd1 prion1