2.6

CVE-2005-3921

Exploit

EPSS 1.6%
Published 30.11.2005 11:03:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages.  NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios Version <= 12.3

Cisco ≫ Ios Version12.3b

Cisco ≫ Ios Version12.3bc

Cisco ≫ Ios Version12.3bw

Cisco ≫ Ios Version12.3ja

Cisco ≫ Ios Version12.3jk

Cisco ≫ Ios Version12.3jx

Cisco ≫ Ios Version12.3t

Cisco ≫ Ios Version12.3tpc

Cisco ≫ Ios Version12.3xa

Cisco ≫ Ios Version12.3xb

Cisco ≫ Ios Version12.3xc

Cisco ≫ Ios Version12.3xd

Cisco ≫ Ios Version12.3xe

Cisco ≫ Ios Version12.3xf

Cisco ≫ Ios Version12.3xg

Cisco ≫ Ios Version12.3xh

Cisco ≫ Ios Version12.3xi

Cisco ≫ Ios Version12.3xj

Cisco ≫ Ios Version12.3xk

Cisco ≫ Ios Version12.3xl

Cisco ≫ Ios Version12.3xm

Cisco ≫ Ios Version12.3xn

Cisco ≫ Ios Version12.3xq

Cisco ≫ Ios Version12.3xr

Cisco ≫ Ios Version12.3xs

Cisco ≫ Ios Version12.3xt

Cisco ≫ Ios Version12.3xu

Cisco ≫ Ios Version12.3xv

Cisco ≫ Ios Version12.3xw

Cisco ≫ Ios Version12.3xx

Cisco ≫ Ios Version12.3xy

Cisco ≫ Ios Version12.3xz

Cisco ≫ Ios Version12.3ya

Cisco ≫ Ios Version12.3yb

Cisco ≫ Ios Version12.3yc

Cisco ≫ Ios Version12.3yd

Cisco ≫ Ios Version12.3ye

Cisco ≫ Ios Version12.3yf

Cisco ≫ Ios Version12.3yg

Cisco ≫ Ios Version12.3yh

Cisco ≫ Ios Version12.3yi

Cisco ≫ Ios Version12.3yj

Cisco ≫ Ios Version12.3yk

Cisco ≫ Ios Version12.3yl

Cisco ≫ Ios Version12.3ym

Cisco ≫ Ios Version12.3yn

Cisco ≫ Ios Version12.3yq

Cisco ≫ Ios Version12.3yr

Cisco ≫ Ios Version12.3ys

Cisco ≫ Ios Version12.3yt

Cisco ≫ Ios Version12.3yu

Cisco ≫ Ios Version12.3yw

Cisco ≫ Ios Version12.3yx

Cisco ≫ Ios Version12.4

Cisco ≫ Ios Version12.4mr

Cisco ≫ Ios Version12.4t

Cisco ≫ Ios Version12.4xa

Cisco ≫ Ios Version12.4xb

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.6%	0.809

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/17780

http://secunia.com/advisories/18528

http://securityreason.com/securityalert/227

http://securitytracker.com/id?1015275

http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=372

http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/cisco/index.html

Vendor Advisory

Exploit

http://www.securityfocus.com/archive/1/417916/100/0/threaded

http://www.securityfocus.com/bid/15602

Exploit

http://www.securityfocus.com/bid/16291

http://www.vupen.com/english/advisories/2005/2657

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5867

https://nvd.nist.gov/vuln/detail/CVE-2005-3921

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3921

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3921

EUVD