exploitDog

CVE-2013-5482

Опубликовано: 13 сент. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cisco Prime LAN Management Solution (LMS) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCug77823.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5482
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5482
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:prime_lan_management_solution:-:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00217

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-4hw6-q38g-g8fh

github

больше 3 лет назад

Cisco Prime LAN Management Solution (LMS) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCug77823.

EPSS

Процентиль: 44%

0.00217

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264