Lucene search
HistoryJan 06, 2015 - 3:59 p.m.
CVE-2014-3764
cve-2014-3764
cross-site scripting
xss
vulnerability
palo alto networks
pan-os
web-based management interface
security
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.9%
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563.
Affected configurations
Node
paloaltonetworkspan-osRange≤5.0.14
ORpaloaltonetworkspan-osMatch5.1
ORpaloaltonetworkspan-osMatch5.1.1
ORpaloaltonetworkspan-osMatch5.1.2
ORpaloaltonetworkspan-osMatch5.1.3
ORpaloaltonetworkspan-osMatch5.1.4
ORpaloaltonetworkspan-osMatch5.1.5
ORpaloaltonetworkspan-osMatch5.1.6
ORpaloaltonetworkspan-osMatch5.1.7
ORpaloaltonetworkspan-osMatch5.1.8
ORpaloaltonetworkspan-osMatch5.1.9
ORpaloaltonetworkspan-osMatch6.0
ORpaloaltonetworkspan-osMatch6.0.1
ORpaloaltonetworkspan-osMatch6.0.2
ORpaloaltonetworkspan-osMatch6.0.3
ORpaloaltonetworkspan-osMatch6.0.4
ORpaloaltonetworkspan-osMatch6.0.5
Related
paloalto
paloalto
Cross-site scripting vulnerability
2014-12-22 08:00:00
nvd
nvd
CVE-2014-3764
2015-01-06 15:59:01
cvelist
cvelist
CVE-2014-3764
2015-01-06 15:00:00
nessus
nessus
Palo Alto Networks PAN-OS < 5.0.15 / 5.1.x < 5.1.10 / 6.0.x < 6.0.6 XSS
2014-12-29 00:00:00
prion
prion
Cross site scripting
2015-01-06 15:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.9%
Related for CVE-2014-3764