CVE-2006-3101

Опубликовано: 21 июн. 2006

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.

Ссылки

http://secunia.com/advisories/20699
Patch
Vendor Advisory
http://securityreason.com/securityalert/1116
http://securitytracker.com/id?1016317
Exploit
Patch
http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html
Patch
http://www.osvdb.org/26531
http://www.securityfocus.com/archive/1/437441/100/0/threaded
http://www.securityfocus.com/archive/1/437480/100/0/threaded
http://www.securityfocus.com/bid/18449
Exploit
Patch
http://www.vupen.com/english/advisories/2006/2384
https://exchange.xforce.ibmcloud.com/vulnerabilities/27166
http://secunia.com/advisories/20699
Patch
Vendor Advisory
http://securityreason.com/securityalert/1116
http://securitytracker.com/id?1016317
Exploit
Patch
http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html
Patch
http://www.osvdb.org/26531
http://www.securityfocus.com/archive/1/437441/100/0/threaded
http://www.securityfocus.com/archive/1/437480/100/0/threaded
http://www.securityfocus.com/bid/18449
Exploit
Patch
http://www.vupen.com/english/advisories/2006/2384
https://exchange.xforce.ibmcloud.com/vulnerabilities/27166

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*

EPSS

Процентиль: 96%

0.25649

Средний

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p9v7-rhjg-9jx7

github

почти 4 года назад