Lucene search

[email protected]CVE-2013-5968

HistoryOct 29, 2013 - 3:42 a.m.

CVE-2013-5968

2013-10-2903:42:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2013-5968

cross-site scripting

xss

ca siteminder

web agents

nvd

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.

CPENameOperatorVersion
ca:web_agentsca web agentseq6.0
broadcom:siteminderbroadcom sitemindereq12.0
broadcom:siteminderbroadcom sitemindereq12.5
broadcom:siteminderbroadcom sitemindereq12.51

CPE	Name	Operator	Version
ca:web_agents	ca web agents	eq	6.0
broadcom:siteminder	broadcom siteminder	eq	12.0
broadcom:siteminder	broadcom siteminder	eq	12.5
broadcom:siteminder	broadcom siteminder	eq	12.51

References

archives.neohapsis.com/archives/bugtraq/2013-10/0120.html

osvdb.org/98919

seclists.org/fulldisclosure/2013/Oct/230

www.securitytracker.com/id/1029237

support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B9B8E7A8A-2A00-4456-A7CC-8C2E74AA7EA5%7D

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Related for CVE-2013-5968

hackerone1 securityvulns2 prion1