Lucene search

[email protected]CVE-2011-5261

HistoryFeb 12, 2013 - 8:55 p.m.

CVE-2011-5261

2013-02-1220:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-5261

cross-site scripting

xss

axis m10 series

network cameras

m1054

firmware 5.21

security vulnerability

nvd

6.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.6%

JSON

Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the pageTitle parameter to admin/showReport.shtml.

CPENameOperatorVersion
axis:m10_series_network_cameras_firmwareaxis m10 series network cameras firmwarele5.21
axis:m1054_network_cameraaxis m1054 network cameraeq-

CPE	Name	Operator	Version
axis:m10_series_network_cameras_firmware	axis m10 series network cameras firmware	le	5.21
axis:m1054_network_camera	axis m1054 network camera	eq	-

References

metzgersecurity.blogspot.com/2011/11/xss-vulnerability-axis-m10-series.html

osvdb.org/77395

secunia.com/advisories/47037

www.securityfocus.com/bid/50968

exchange.xforce.ibmcloud.com/vulnerabilities/71687

6.4 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for CVE-2011-5261

prion1 cvelist1 nessus1