CVE-2006-3101

Exploit

EPSS 25.63%
Published 21.06.2006 01:02:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Secure Access Control Server Version2.3 Editionunix

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	25.63%	0.958

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/20699

Patch

Vendor Advisory

http://securityreason.com/securityalert/1116

http://securitytracker.com/id?1016317

Patch

Exploit

http://www.cisco.com/en/US/products/sw/secursw/ps4911/tsd_products_security_response09186a00806b8bdb.html

Patch

http://www.osvdb.org/26531

http://www.securityfocus.com/archive/1/437441/100/0/threaded

http://www.securityfocus.com/archive/1/437480/100/0/threaded

http://www.securityfocus.com/bid/18449

Patch

Exploit

http://www.vupen.com/english/advisories/2006/2384

https://exchange.xforce.ibmcloud.com/vulnerabilities/27166

https://nvd.nist.gov/vuln/detail/CVE-2006-3101

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3101

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3101

EUVD