Lucene search

PRIOn knowledge basePRION:CVE-2013-3275

HistoryJul 19, 2013 - 2:36 p.m.

Cross site scripting

2013-07-1914:36:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.6%

JSON

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to “cross frame scripting vulnerabilities.”

CPENameOperatorVersion
avamar_servereq5.0
avamar_serverle6.1
avamar_servereq6.0
avamar_servereq4.0
avamar_servereq4.1
avamar_server_virtual_editioneq6.0
avamar_server_virtual_editioneq5.0
avamar_server_virtual_editioneq4.0
avamar_server_virtual_editionle6.1
avamar_server_virtual_editioneq4.1

Name	Operator	Version
avamar_server	eq	5.0
avamar_server	le	6.1
avamar_server	eq	6.0
avamar_server	eq	4.0
avamar_server	eq	4.1
avamar_server_virtual_edition	eq	6.0
avamar_server_virtual_edition	eq	5.0
avamar_server_virtual_edition	eq	4.0
avamar_server_virtual_edition	le	6.1
avamar_server_virtual_edition	eq	4.1

References

archives.neohapsis.com/archives/bugtraq/2013-07/0114.html

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

39.6%

JSON

Related for PRION:CVE-2013-3275