Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5582

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5582
Last Modified 07 Mar 2011 10:00:58
Published 14 Dec 2007 08:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5582

Summary

Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Ciscoworks Server 2.6


References

CISCO - 20071205 CiscoWorks Server XSS Vulnerability

XF - ciscoworks-cs-loginpage-xss(38862)

VUPEN - ADV-2007-4102

BID - 26708

BUGTRAQ - 20071205 Advisory: Cross Site Scripting in CiscoWorks

MISC - http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/

CONFIRM - http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289

SECTRACK - 1019043

SREASON - 3449

SECUNIA - 27902


Last Updated: 27 May 2016 10:46:12