Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2114

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-2114
Last Modified 16 Sep 2015 03:11:56
Published 04 Apr 2014 11:10:20
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2114

Summary

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384.

Vulnerable Systems

Application

  • Cisco Emergency Responder 8.6


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=33644

CISCO - 20140403 Cisco Emergency Responder Cross-Site Scripting Vulnerability

SECTRACK - 1030019

BID - 66635


Last Updated: 27 May 2016 11:08:38