Lucene search
HistoryFeb 06, 2009 - 7:30 p.m.
CVE-2009-0470
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.3%
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.
Affected configurations
Node
ciscoiosMatch12.4\(23\)
Related
prion
prion
Cross site scripting
2009-02-06 19:30:00
Cross site scripting
2009-01-16 21:30:00
cve
cve
CVE-2009-0470
2009-02-06 19:30:00
CVE-2008-3821
2009-01-16 21:30:03
nessus
nessus
Cisco IOS XSS and XSRF Vulnerabilities
2012-01-11 00:00:00
cvelist
cvelist
CVE-2009-0470
2009-02-06 19:00:00
CVE-2008-3821
2009-01-16 21:00:00
nvd
nvd
CVE-2008-3821
2009-01-16 21:30:03
jvn
jvn
JVN#28344798 Cisco IOS cross-site scripting vulnerability
2009-01-15 00:00:00
securityvulns
securityvulns
Cisco IOS crossite scripting
2009-02-05 00:00:00
Cisco Security Response: Cisco IOS Cross-Site Scripting Vulnerabilities
2009-01-16 00:00:00
PR08-19: XSS on Cisco IOS HTTP Server
2009-01-16 00:00:00
cisco
cisco
Cisco IOS HTTP Server Ping Parameter Cross-Site Scripting Vulnerability
2009-01-14 16:58:09
packetstorm
packetstorm
ProCheckUp Security Advisory 2008.19
2009-01-15 00:00:00
openvas
openvas
Ubuntu USN-708-1 (hplip)
2009-01-20 00:00:00
Ubuntu USN-707-1 (cupsys)
2009-06-05 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.3%
Related for NVD:CVE-2009-0470