CVE-2009-1162
Published Jun 5, 2009
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.0.0-754:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "477A66C5-9B97-4363-8374-7AAD50A6203A"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.0.0-757:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01DB8C2D-5C38-4171-AE6F-FB224AEC3225"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.0-301:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1913AA9-2FF7-43BF-902A-A0730D375580"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.0-304:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22339A19-2486-4916-B63F-8D0095CE2CAE"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.0-306:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD01E9B8-6787-4658-9E45-2B4916BB0409"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.0-307:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30A807C2-CE36-4760-BC2A-D9A6AEA1D65B"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.5-110:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5134EEAA-DE71-4283-B3D3-2923749EE92D"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.1.6-003:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEB855ED-197C-4CAC-A5B8-E02D598320EE"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.3.5-003:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F99C6CBC-4044-45A1-B79C-C54E4A13F41B"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.3.6-003:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29EB3C86-E8EF-4AE2-A8DC-C0B912F27F0D"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.5.0-405:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4716DAB7-C9E9-47DE-946B-B5B8F0768985"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.5.1-005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F240870-D97A-458A-9485-24CAD3816E68"
},
{
"criteria": "cpe:2.3:o:cisco:ironport_asyncos:6.6.4.0-273:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5A6548C-217F-4496-8DF2-4EF2A775BF7D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ironport_email_security_appliances:*:c:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9211A16-3F60-4FEF-9164-93A8DC447A76"
},
{
"criteria": "cpe:2.3:h:cisco:ironport_email_security_appliances:*:m:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "202BD85B-AE22-4638-A344-E5C75C4CC243"
},
{
"criteria": "cpe:2.3:h:cisco:ironport_email_security_appliances:*:x:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79F52D0C-C0D9-4802-9A07-968F6F68C038"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]