Lucene search

[email protected]NVD:CVE-2006-3289

HistoryJun 28, 2006 - 11:05 p.m.

CVE-2006-3289

2006-06-2823:05:00

[email protected]

web.nvd.nist.gov

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.7%

JSON

Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a “malicious URL”.

Affected configurations

Nvd

Node

ciscowireless_control_systemRange≤3.2\(51\)

VendorProductVersionCPE
ciscowireless_control_system*cpe:2.3:h:cisco:wireless_control_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	wireless_control_system	*	cpe:2.3:h:cisco:wireless_control_system::::::::

References

secunia.com/advisories/20870

securitytracker.com/id?1016398

www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml

www.osvdb.org/26880

www.securityfocus.com/bid/18701

www.vupen.com/english/advisories/2006/2583

exchange.xforce.ibmcloud.com/vulnerabilities/27441

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.7%

JSON

Related for NVD:CVE-2006-3289

cvelist1 cve1 cisco1