| Vulnerability Name: | CVE-2013-5500 (CCN-87321) | ||||||||
| Assigned: | 2013-09-19 | ||||||||
| Published: | 2013-09-19 | ||||||||
| Updated: | 2013-10-02 | ||||||||
| Summary: | Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj23338. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-5500 Source: CCN Type: SA54944 Cisco MediaSense oraadmin and oraservice Cross-Site Scripting Vulnerabilities Source: CCN Type: Cisco Security Notice Multiple Cisco MediaSense oraadmin Cross-Site Scripting Vulnerabilities Source: CISCO Type: Vendor Advisory 20130919 Multiple Cisco MediaSense oraadmin Cross-Site Scripting Vulnerabilities Source: BID Type: UNKNOWN 62575 Source: CCN Type: BID-62575 Cisco MediaSense CVE-2013-5500 Multiple Cross Site Scripting Vulnerabilities Source: SECTRACK Type: UNKNOWN 1029064 Source: XF Type: UNKNOWN cisco-mediasense-cve20135500-xss(87321) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||