Vulnerability CVE-2013-3396
Published: 2013-06-26   Modified: 2013-06-27

Description:
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh24749.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Cisco IronPort Security Management Appliance Multiple issues
Pedro Andujar
27.08.2013

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Cisco -> Content security management appliance 

 References:
http://www.securityfocus.com/bid/60829
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3396
Copyright 2024, cxsecurity.com

 

Back to Top