CVE-2013-4713

Published Nov 1, 2013

Last updated 11 years ago

CVSS info 3.5

Overview

Description: Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B8B2014-0288-4DB5-A813-0A8858836013",
            "versionEndIncluding": "1.05c-2.0.3"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.03v3-1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF2128C2-6482-4B17-A04A-1BC371C5DEC0"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.03w-1.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EE1279B-E5F9-448A-8E92-A32BAD3A5A03"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.03y-1.16:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A504FC3B-92AE-4F7B-BF70-FE5912803227"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04a-1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61A59BB-D238-4BE1-BABA-ED8C18EB205B"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04b-1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80CE8C9B-FBA6-4110-AFF9-33341914B4A7"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04d-2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "827403C0-E40D-4F5B-81B7-DE00DE411DCC"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04m-2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E3FE111-D8B5-4747-A04A-506CC1E186CC"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04n-2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD900A4A-4CCA-4D51-9438-3A4E85BDCC75"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04r3-2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E489B10-7151-4A22-98C4-74CE280A8B14"
          },
          {
            "criteria": "cpe:2.3:o:iodata:rockdisk_firmware:1.04t-2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF5D2552-70A3-4DDB-9E5C-8AEC0E785346"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iodata:rockdisk:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74451148-B224-4D1C-822B-46A278DC25E0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References