Lucene search
HistoryJul 26, 2014 - 11:11 a.m.
CVE-2014-3324
cve-2014-3324
cross-site scripting
xss
cisco telepresence server software
remote code injection
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.7%
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCup90060.
Affected configurations
Node
ciscotelepresence_server_softwareMatch3.0\(2.24\)
ORciscotelepresence_server_softwareMatch3.1\(1.98\)
ORciscotelepresence_server_softwareMatch4.0\(1.57\)
ORciscotelepresence_server_softwareMatch4.0\(2.8\)
Related
nvd
nvd
CVE-2014-3324
2014-07-26 11:11:57
prion
prion
Cross site scripting
2014-07-26 11:11:00
cvelist
cvelist
CVE-2014-3324
2014-07-26 10:00:00
cisco
cisco
Cisco TelePresence Management Interface Vulnerability
2014-07-24 16:40:57
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
58.7%
Related for CVE-2014-3324