CVE-2011-0961

2011-05-2022:55:02

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-0961

cross-site scripting

xss

cisco

ciscoworks

common services

vulnerability

nvd

bug id

cscto12704

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.059 Low

EPSS

Percentile

93.4%

JSON

Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the device parameter, aka Bug ID CSCto12704.

Affected configurations

NVD

Node

ciscociscoworks_common_servicesRange≤3.3

ciscociscoworks_common_servicesMatch1.0

ciscociscoworks_common_servicesMatch2.2

ciscociscoworks_common_servicesMatch3.0

ciscociscoworks_common_servicesMatch3.0.3

ciscociscoworks_common_servicesMatch3.0.4

ciscociscoworks_common_servicesMatch3.0.5

ciscociscoworks_common_servicesMatch3.0.6

ciscociscoworks_common_servicesMatch3.1

ciscociscoworks_common_servicesMatch3.1.1

ciscociscoworks_common_servicesMatch3.2

CPENameOperatorVersion
cisco:ciscoworks_common_servicescisco ciscoworks common servicesle3.3
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq1.0
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq2.2
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.3
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.4
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.5
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.6
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.1
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.1.1

CPE	Name	Operator	Version
cisco:ciscoworks_common_services	cisco ciscoworks common services	le	3.3
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	1.0
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	2.2
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.3
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.4
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.5
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.6
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.1
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.1.1