Lucene search

PRIOn knowledge basePRION:CVE-2009-2048

HistoryJul 16, 2009 - 3:30 p.m.

Cross site scripting

2009-07-1615:30:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.3%

JSON

Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors.

CPENameOperatorVersion
crseq4.1
crseq4.5
crseq6.0
crseq4.0
crseq7.0
crseq5.0
crseq3.5
customer_response_applicationseq3.5
ip_qmeq3.5
unified_ccxeq7.1.0

Name	Operator	Version
crs	eq	4.1
crs	eq	4.5
crs	eq	6.0
crs	eq	4.0
crs	eq	7.0
crs	eq	5.0
crs	eq	3.5
customer_response_applications	eq	3.5
ip_qm	eq	3.5
unified_ccx	eq	7.1.0

Rows per page:

1-10 of 331

References

osvdb.org/55937

secunia.com/advisories/35861

www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml

www.securityfocus.com/bid/35705

www.securitytracker.com/id?1022569

www.vupen.com/english/advisories/2009/1913

exchange.xforce.ibmcloud.com/vulnerabilities/51730

5.6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.3%

JSON

Related for PRION:CVE-2009-2048