Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2118

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-2118
Last Modified 16 Sep 2015 03:15:13
Published 27 Mar 2014 05:55:09
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2118

Summary

Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.

Vulnerable Systems

Application

  • Cisco Prime Security Manager 9.0

  • Cisco Prime Security Manager 9.1

  • Cisco Prime Security Manager 9.1.2-29

  • Cisco Prime Security Manager 9.1.2-42

  • Cisco Prime Security Manager 9.1.3-10

  • Cisco Prime Security Manager 9.1.3-13

  • Cisco Prime Security Manager 9.1.3-8

  • Cisco Prime Security Manager 9.2

  • Cisco Prime Security Manager 9.2.1-1

  • Cisco Prime Security Manager 9.2.1-2


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=33542

CISCO - 20140327 Cisco Prime Security Manager Cross-Site Scripting Vulnerability

SECTRACK - 1029968

BID - 66488


Last Updated: 27 May 2016 11:04:48