Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2014-3289
HistoryJun 10, 2014 - 10:00 a.m.

CVE-2014-3289

2014-06-1010:00:00
cisco
www.cve.org
8

AI Score

5.5

Confidence

High

EPSS

0.003

Percentile

69.8%

JSON

Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and earlier, and Content Security Management Appliance (SMA) 8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, as demonstrated by the date_range parameter to monitor/reports/overview on the IronPort ESA, aka Bug IDs CSCun07998, CSCun07844, and CSCun07888.

Related

cisco 1
threatpost 1
cve 1
prion 1
cert 1
packetstorm 2
nvd 1
zdt 1
cisco
cisco
Cisco AsyncOS Cross-Site Scripting Vulnerability
2014-06-09 20:38:39
threatpost
threatpost
Cisco Patches XSS Flaw in Security Appliances
2014-06-10 10:47:30
cve
cve
CVE-2014-3289
2014-06-10 11:19:35
prion
prion
Cross site scripting
2014-06-10 11:19:00
cert
cert
Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability
2014-06-10 00:00:00
packetstorm
packetstorm
Cisco Ironport Email Security Virtual Appliance 8.0.0-671 XSS
2014-06-09 00:00:00
Centreon SQL Injection / Command Injection
2014-10-18 00:00:00
nvd
nvd
CVE-2014-3289
2014-06-10 11:19:35
zdt
zdt
Centreon SQL Injection / Command Injection Vulnerability
2014-10-18 00:00:00

AI Score

5.5

Confidence

High

EPSS

0.003

Percentile

69.8%

JSON
Related for CVELIST:CVE-2014-3289
cisco1threatpost1cve1prion1cert1packetstorm2nvd1zdt1