Lucene search

[email protected]CVE-2013-3394

HistoryNov 27, 2013 - 4:43 a.m.

CVE-2013-3394

2013-11-2704:43:33

CWE-79

[email protected]

web.nvd.nist.gov

cisco

prime

network registrar

xss

vulnerability

web interface

security

ciscoprime

cscuh41429

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.0%

JSON

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.

Affected configurations

NVD

Node

ciscoprime_network_registrarRange≤8.1

ciscoprime_network_registrarMatch8.0

CPENameOperatorVersion
cisco:prime_network_registrarcisco prime network registrarle8.1
cisco:prime_network_registrarcisco prime network registrareq8.0

CPE	Name	Operator	Version
cisco:prime_network_registrar	cisco prime network registrar	le	8.1
cisco:prime_network_registrar	cisco prime network registrar	eq	8.0

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3394

tools.cisco.com/security/center/viewAlert.x?alertId=31921

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

49.0%

JSON

Related for CVE-2013-3394

nvd1 prion1 cvelist1