Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0309

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-0309
Last Modified 30 Jan 2012 11:08:54
Published 12 Jan 2012 11:14:38
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0309

Summary

Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Cogentdatahub Cascade Datahub 6.4.20

  • Cogentdatahub Cogent Datahub 7.0

  • Cogentdatahub Cogent Datahub 7.0.2

  • Cogentdatahub Cogent Datahub 7.1.0

  • Cogentdatahub Cogent Datahub 7.1.1

  • Cogentdatahub Cogent Datahub 7.1.1.63

  • Cogentdatahub Cogent Datahub 7.1.2

  • Cogentdatahub Opc Datahub 6.4.20


References

CONFIRM - http://www.cogentdatahub.com/ReleaseNotes.html

JVNDB - JVNDB-2012-000001

JVN - JVN#12983784

XF - cogentdatahub-unspecified-xss(72305)

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf

BID - 51375

SECUNIA - 47525

SECUNIA - 47496


Last Updated: 27 May 2016 10:57:19