CVE-2012-1807
Published Apr 13, 2012
Last updated 13 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:koyo:h0-ecom:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9E27920-1511-4B22-BDA9-B899B34710B3"
},
{
"criteria": "cpe:2.3:a:koyo:h0-ecom100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1349CB3F-EE51-4E0D-946A-00B1C6BF8AB9"
},
{
"criteria": "cpe:2.3:a:koyo:h2-ecom:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8283D77-0E94-436E-807B-A453626AB1F3"
},
{
"criteria": "cpe:2.3:a:koyo:h2-ecom-f:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C180ADB5-7DD0-4E3C-A0CE-1B0D99B9201E"
},
{
"criteria": "cpe:2.3:a:koyo:h2-ecom100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B4BE814-28F4-41FE-B018-6451CBE3BAE5"
},
{
"criteria": "cpe:2.3:a:koyo:h4-ecom:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57FA57D1-57A8-4BD8-B91A-08E5E52C7AE9"
},
{
"criteria": "cpe:2.3:a:koyo:h4-ecom-f:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4F0F085-884D-4BB5-9F8F-E3BFA75374B6"
},
{
"criteria": "cpe:2.3:a:koyo:h4-ecom100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CED6E21-EB35-4480-8FCF-C6759F21FBBE"
}
],
"operator": "OR"
}
]
}
]