Lucene search

K

[email protected]NVD:CVE-2011-0962

HistoryMay 20, 2011 - 10:55 p.m.

CVE-2011-0962

2011-05-2022:55:03

CWE-79

[email protected]

web.nvd.nist.gov

2

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.897 High

EPSS

Percentile

98.8%

Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.

Affected configurations

NVD

Node

ciscounified_operations_managerRange≤8.5

OR

ciscounified_operations_managerMatch1.1

OR

ciscounified_operations_managerMatch2.0

OR

ciscounified_operations_managerMatch2.0.1

OR

ciscounified_operations_managerMatch2.0.2

OR

ciscounified_operations_managerMatch2.0.3

OR

ciscounified_operations_managerMatch2.1

OR

ciscounified_operations_managerMatch2.2

OR

ciscounified_operations_managerMatch2.3

OR

ciscounified_operations_managerMatch8.0

References

archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html

tools.cisco.com/security/center/viewAlert.x?alertId=23087

www.exploit-db.com/exploits/17304

www.senseofsecurity.com.au/advisories/SOS-11-006.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/67524

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.897 High

EPSS

Percentile

98.8%

Related for NVD:CVE-2011-0962

cve1 checkpoint_advisories1 prion1 cvelist1 cisco1 securityvulns2 exploitpack1 packetstorm1 seebug1 nessus1 exploitdb1