Lucene search

K
nvd[email protected]NVD:CVE-2016-9202
HistoryDec 14, 2016 - 12:59 a.m.

CVE-2016-9202

2016-12-1400:59:23
CWE-79
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

43.6%

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346. Known Affected Releases: 9.1.1-036 9.7.1-066.

Affected configurations

NVD
Node
ciscoemail_security_applianceMatch9.1.1-036
OR
ciscoemail_security_applianceMatch9.1.2-023
OR
ciscoemail_security_applianceMatch9.1.2-028
OR
ciscoemail_security_applianceMatch9.1.2-036
OR
ciscoemail_security_applianceMatch9.4.0
OR
ciscoemail_security_applianceMatch9.4.4-000
OR
ciscoemail_security_applianceMatch9.5.0-000
OR
ciscoemail_security_applianceMatch9.5.0-201
OR
ciscoemail_security_applianceMatch9.6.0-000
OR
ciscoemail_security_applianceMatch9.6.0-042
OR
ciscoemail_security_applianceMatch9.6.0-051
OR
ciscoemail_security_applianceMatch9.7.0-125
OR
ciscoemail_security_applianceMatch9.7.1-066
OR
ciscoemail_security_applianceMatch9.7.2-046
OR
ciscoemail_security_applianceMatch9.7.2-047
OR
ciscoemail_security_applianceMatch9.7.2-054

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

43.6%

Related for NVD:CVE-2016-9202