4.3
CVE-2006-3101
- EPSS 23.6%
- Veröffentlicht 21.06.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:26:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version2.3 Editionunix
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 23.6% | 0.975 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/20699
http://securityreason.com/securityalert/1116
http://securitytracker.com/id?1016317
http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html
http://www.osvdb.org/26531
http://www.securityfocus.com/archive/1/437441/100/0/threaded
http://www.securityfocus.com/archive/1/437480/100/0/threaded
http://www.securityfocus.com/bid/18449
http://www.vupen.com/english/advisories/2006/2384
https://exchange.xforce.ibmcloud.com/vulnerabilities/27166