admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-46xx/CVE-2007-4633.json
cad-safe-bot 1a4f456b11 Auto-Update: 2024-11-22T07:12:16.597899+00:00
2024-11-22 07:15:30 +00:00

227 lines
8.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-4633",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-08-31T23:17:00.000",
"lastModified": "2024-11-21T00:36:04.297",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Cisco CallManager y Unified Communications Manager (CUCM) versiones anteriores a 3.3(5)sr2b, 4.1 versiones anteriores a 4.1(3)sr5, 4.2 versiones anteriores a 4.2(3)sr2, y 4.3 versiones anteriores a 4.3(1)sr1, permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n mediante la variable lang en la p\u00e1gina de acceso de (1) usuario \u00f3 (2) administrador, tambi\u00e9n conocido como CSCsi10728."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "19432E5E-EA68-4B7A-8B99-DEBACBC3F160"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE4CD8E-F27C-4F96-B955-FC1E71B5D55B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6049596-9D62-4EC4-BEAE-A2023F6F3346"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "87560280-EF6A-46DC-9368-0C98E0A5B7E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)sr2a:*:*:*:*:*:*:*",
"matchCriteriaId": "F977BD4D-308D-4415-9302-5C44238881A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "373E71AE-C735-4476-A574-56C35BAD8DB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9AA9D0-3205-4A5D-8161-C80D1855D91E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "B771F3F8-CD24-4710-A7A8-D4F9E0DB4BB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "71DA8A99-A678-42F8-AFC5-323E77D9BCC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C30434-29FD-45D4-B9D8-BEB65FE4471A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA55FCB-FFFB-495F-86A8-262E7995B519"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E6ECFC2B-9978-46FF-BC4E-A81B9B835E29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3979687E-2BDE-42CD-ACF6-5EE3AF6CD5B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB63E43F-96D1-442E-8AA7-B0183117F6A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2\\(3\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "86960ABE-F133-49EE-A8E3-70CF1DD93ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.2\\(3\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "36C8C9AA-8AA2-40C2-88A2-0860543601C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98B77A94-5477-4703-9421-2266EC603319"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5AF86C50-A2B2-4944-8361-C67766DCA2DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:call_manager:4.3\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98C1833-23B0-4559-BA64-A8BD30828ACB"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/26641",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1018624",
"source": "cve@mitre.org"
},
{
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/25480",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3010",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36325",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/26641",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1018624",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808ae327.shtml",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/25480",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3010",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36325",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink