exploitDog

CVE-2015-0766

Опубликовано: 04 июн. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196.

Ссылки

http://tools.cisco.com/security/center/viewAlert.x?alertId=39171
Vendor Advisory
http://www.securitytracker.com/id/1032482
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/viewAlert.x?alertId=39171
Vendor Advisory
http://www.securitytracker.com/id/1032482
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00263

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-w5r5-wm7v-x4v6

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Management Center component in Cisco FireSIGHT System Software 6.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug IDs CSCus93566, CSCut31557, and CSCut47196.

EPSS

Процентиль: 49%

0.00263

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79