Published: 14/12/2016 Updated: 22/12/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote malicious user to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346. Known Affected Releases: 9.1.1-036 9.7.1-066.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco email security appliance 9.1.2-023
cisco email security appliance 9.4.4-000
cisco email security appliance 9.7.1-066
cisco email security appliance 9.6.0-042
cisco email security appliance 9.1.1-036
cisco email security appliance 9.7.2-047
cisco email security appliance 9.1.2-036
cisco email security appliance 9.6.0-000
cisco email security appliance 9.7.0-125
cisco email security appliance 9.7.2-054
cisco email security appliance 9.5.0-000
cisco email security appliance 9.5.0-201
cisco email security appliance 9.4.0
cisco email security appliance 9.7.2-046
cisco email security appliance 9.6.0-051
cisco email security appliance 9.1.2-028

CWE-79 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1 http://www.securityfocus.com/bid/94799 http://www.securitytracker.com/id/1037423 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-9202

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect