Lucene search

[email protected]NVD:CVE-2013-2290

HistoryMar 28, 2013 - 11:55 p.m.

CVE-2013-2290

2013-03-2823:55:01

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

54.7%

JSON

Cross-site scripting (XSS) vulnerability in the dashboard of the ArubaOS Administration WebUI in Aruba Networks ArubaOS 6.2.x before 6.2.0.3, 6.1.3.x before 6.1.3.7, 6.1.x-FIPS before 6.1.4.3-FIPS, and 6.1.x-AirGroup before 6.1.3.6-AirGroup, as used by Mobility Controller, allows remote wireless access points to inject arbitrary web script or HTML via a crafted SSID.

Affected configurations

Nvd

Node

arubanetworksarubaosMatch6.2.0.0

arubanetworksarubaosMatch6.2.0.1

arubanetworksarubaosMatch6.2.0.2

Node

arubanetworksarubaosMatch6.1.3.0

arubanetworksarubaosMatch6.1.3.1

arubanetworksarubaosMatch6.1.3.2

arubanetworksarubaosMatch6.1.3.4

arubanetworksarubaosMatch6.1.3.5

arubanetworksarubaosMatch6.1.3.6

Node

arubanetworksarubaosMatch6.1.2.3-fips

arubanetworksarubaosMatch6.1.4.2-fips

VendorProductVersionCPE
arubanetworksarubaos6.2.0.0cpe:2.3:o:arubanetworks:arubaos:6.2.0.0:*:*:*:*:*:*:*
arubanetworksarubaos6.2.0.1cpe:2.3:o:arubanetworks:arubaos:6.2.0.1:*:*:*:*:*:*:*
arubanetworksarubaos6.2.0.2cpe:2.3:o:arubanetworks:arubaos:6.2.0.2:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.0cpe:2.3:o:arubanetworks:arubaos:6.1.3.0:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.1cpe:2.3:o:arubanetworks:arubaos:6.1.3.1:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.2cpe:2.3:o:arubanetworks:arubaos:6.1.3.2:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.4cpe:2.3:o:arubanetworks:arubaos:6.1.3.4:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.5cpe:2.3:o:arubanetworks:arubaos:6.1.3.5:*:*:*:*:*:*:*
arubanetworksarubaos6.1.3.6cpe:2.3:o:arubanetworks:arubaos:6.1.3.6:*:*:*:*:*:*:*
arubanetworksarubaos6.1.2.3cpe:2.3:o:arubanetworks:arubaos:6.1.2.3:-:fips:*:*:*:*:*

Vendor	Product	Version	CPE
arubanetworks	arubaos	6.2.0.0	cpe:2.3:o:arubanetworks:arubaos:6.2.0.0:::::::*
arubanetworks	arubaos	6.2.0.1	cpe:2.3:o:arubanetworks:arubaos:6.2.0.1:::::::*
arubanetworks	arubaos	6.2.0.2	cpe:2.3:o:arubanetworks:arubaos:6.2.0.2:::::::*
arubanetworks	arubaos	6.1.3.0	cpe:2.3:o:arubanetworks:arubaos:6.1.3.0:::::::*
arubanetworks	arubaos	6.1.3.1	cpe:2.3:o:arubanetworks:arubaos:6.1.3.1:::::::*
arubanetworks	arubaos	6.1.3.2	cpe:2.3:o:arubanetworks:arubaos:6.1.3.2:::::::*
arubanetworks	arubaos	6.1.3.4	cpe:2.3:o:arubanetworks:arubaos:6.1.3.4:::::::*
arubanetworks	arubaos	6.1.3.5	cpe:2.3:o:arubanetworks:arubaos:6.1.3.5:::::::*
arubanetworks	arubaos	6.1.3.6	cpe:2.3:o:arubanetworks:arubaos:6.1.3.6:::::::*
arubanetworks	arubaos	6.1.2.3	cpe:2.3:o:arubanetworks:arubaos:6.1.2.3:-:fips:::::*

Rows per page:

1-10 of 111

References

osvdb.org/91485

secunia.com/advisories/52690

www.arubanetworks.com/support/alerts/aid-042213.asc

www.securityfocus.com/bid/58579

exchange.xforce.ibmcloud.com/vulnerabilities/82917

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

54.7%

JSON

Related for NVD:CVE-2013-2290

prion1 cve1 cvelist1