Cross site scripting

2017-08-2815:29:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.7%

JSON

Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier.

CPENameOperatorVersion
multilink_ml1200_firmwareeq4.2.1
multilink_ml1600_firmwareeq4.2.1
multilink_ml2400_firmwareeq4.2.1
multilink_ml3000_firmwarele5.2.0
multilink_ml3100_firmwarele5.2.0
multilink_ml800_firmwareeq4.2.1
multilink_ml810_firmwareeq5.2.0

Name	Operator	Version
multilink_ml1200_firmware	eq	4.2.1
multilink_ml1600_firmware	eq	4.2.1
multilink_ml2400_firmware	eq	4.2.1
multilink_ml3000_firmware	le	5.2.0
multilink_ml3100_firmware	le	5.2.0
multilink_ml800_firmware	eq	4.2.1
multilink_ml810_firmware	eq	5.2.0

References

ics-cert.us-cert.gov/advisories/ICSA-15-013-04A