CVE-2014-2118
Published Mar 27, 2014
Last updated 9 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "457CCC35-449B-4002-89FB-3D22BD4F34A8",
"versionEndIncluding": "9.2.1-2"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62F52A82-C8A8-4692-9232-E4ACE5714BC4"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6919AA10-28A4-46BD-A491-0C0130B4C385"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.2-29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "308EBED0-E069-4B8D-BE7B-5FB3940491FA"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.2-42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "657AC52E-EF40-49D9-A0F9-F9BDA8A67B4D"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7FBB326-9011-434D-B142-5C6B1F422442"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91D0E148-44D5-4A48-B33B-E5D891AC7F56"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.1.3-13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D123EB5-1B8F-484B-818D-FD221E7531FA"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B316BD78-7FCF-4A66-897B-000065AB5261"
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:9.2.1-1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB3F163F-4C7F-462A-8229-1D98C85B7D59"
}
],
"operator": "OR"
}
]
}
]