Vulnerability Name: | CVE-2005-1710 (CCN-20725) | ||||||||
Assigned: | 2005-05-20 | ||||||||
Published: | 2005-05-20 | ||||||||
Updated: | 2016-10-18 | ||||||||
Summary: | Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. | ||||||||
CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-1710 Source: BUGTRAQ Type: UNKNOWN 20050524 Blue Coat Reporter multiple remote vulnerabilities Source: CCN Type: SA15452 Blue Coat Reporter Multiple Vulnerabilities Source: SECUNIA Type: Vendor Advisory 15452 Source: CCN Type: Blue Coat Reporter Web site Blue Coat Systems - Reporter Source: CCN Type: Blue Coat Security Advisory Security Advisory: Blue Coat Reporter Vulnerabilities Source: CONFIRM Type: Patch http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html Source: OSVDB Type: UNKNOWN 16765 Source: OSVDB Type: UNKNOWN 16766 Source: CCN Type: OSVDB ID: 16765 Blue Coat Reporter Add User Window username Parameter XSS Source: CCN Type: OSVDB ID: 16766 Blue Coat Reporter Licensing Page license key Parameter XSS Source: CCN Type: BID-13723 Blue Coat Reporter Remote Privilege Escalation Vulnerability Source: CCN Type: BID-13725 Blue Coat Reporter License HTML Injection Vulnerability Source: VUPEN Type: UNKNOWN ADV-2005-0589 Source: XF Type: UNKNOWN bluecoatreporter-licensing-xss(20725) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Vulnerability Name: | CVE-2005-1710 (CCN-20726) | ||||||||
Assigned: | 2005-05-20 | ||||||||
Published: | 2005-05-20 | ||||||||
Updated: | 2016-10-18 | ||||||||
Summary: | Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. | ||||||||
CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-1710 Source: CCN Type: SA15452 Blue Coat Reporter Multiple Vulnerabilities Source: CCN Type: Blue Coat Reporter Web site Blue Coat Systems - Reporter Source: CCN Type: Blue Coat Security Advisory Security Advisory: Blue Coat Reporter Vulnerabilities Source: CCN Type: OSVDB ID: 16765 Blue Coat Reporter Add User Window username Parameter XSS Source: CCN Type: OSVDB ID: 16766 Blue Coat Reporter Licensing Page license key Parameter XSS Source: CCN Type: BID-13723 Blue Coat Reporter Remote Privilege Escalation Vulnerability Source: XF Type: UNKNOWN bluecoatreporter-add-user-xss(20726) | ||||||||
BACK |