Published: 04/05/2010 Updated: 04/05/2010

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco router and security device manager
cisco router and security device manager 2.5

Cisco Router and Security Device Manager versions 25 and prior contain a vulnerability that could allow attackers to conduct cross-site scripting attacks The vulnerability exists due to improper validation of parameters processed by the application An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to follo ...

CWE-79 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000014.html http://jvn.jp/en/jp/JVN14313132/index.html https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20100429-CVE-2010-0594

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0594

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect