3.5

CVE-2007-1467

EPSS 0.56%
Published 16.03.2007 21:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Acs Solution Engine Version4.1

Cisco ≫ Acs Solution Engine Version4.1 Editionwindows

Cisco ≫ Ciscoworks

Cisco ≫ Ip Communicator

Cisco ≫ Meetingplace

Cisco ≫ Security Device Manager

Cisco ≫ Unified Meetingplace

Cisco ≫ Unified Meetingplace Express

Cisco ≫ Unified Personal Communicator

Cisco ≫ Unified Video Advantage

Cisco ≫ Unified Videoconferencing

Cisco ≫ Unified Videoconferencing Manager

Cisco ≫ Vpn Client Version3.5.1 Editionlinux

Cisco ≫ Vpn Client Version3.5.1 Editionsolaris

Cisco ≫ Vpn Client Version3.5.2 Editionlinux

Cisco ≫ Vpn Client Version3.5.2 Editionmac_os_x

Cisco ≫ Vpn Client Version3.5.2 Editionsolaris

Cisco ≫ Vpn Client Version3.5.2b Editionlinux

Cisco ≫ Vpn Client Version3.5.2b Editionmac_os_x

Cisco ≫ Vpn Client Version3.5.2b Editionsolaris

Cisco ≫ Vpn Client Version3.5.4 Editionlinux

Cisco ≫ Vpn Client Version3.5.4 Editionmac_os_x

Cisco ≫ Vpn Client Version3.5.4 Editionsolaris

Cisco ≫ Vpn Client Version3.6 Editionlinux

Cisco ≫ Vpn Client Version3.6 Editionmac_os_x

Cisco ≫ Vpn Client Version3.6 Editionsolaris

Cisco ≫ Vpn Client Version3.6.1 Editionlinux

Cisco ≫ Vpn Client Version3.6.1 Editionmac_os_x

Cisco ≫ Vpn Client Version3.6.1 Editionsolaris

Cisco ≫ Vpn Client Version4.0.2a Editionmac_os_x

Cisco ≫ Vpn Client Version4.0.2a Editionsolaris

Cisco ≫ Vpn Client Version4.0.2c Editionmac_os_x

Cisco ≫ Vpn Client Version4.0.2c Editionsolaris

Cisco ≫ Vpn Client Version4.8.1 Editionwindows

Cisco ≫ Wan Manager

Cisco ≫ Wireless Lan Controllers

Cisco ≫ Wireless Lan Solution Engine

Cisco ≫ Call Manager

Cisco ≫ Network Analysis Module

Cisco ≫ Wireless Control System Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.56%	0.672

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N

http://secunia.com/advisories/24499

http://securityreason.com/securityalert/2437

http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html

Vendor Advisory

http://www.securityfocus.com/archive/1/462932/100/0/threaded

http://www.securityfocus.com/archive/1/462944/100/0/threaded

http://www.securityfocus.com/bid/22982

http://www.securitytracker.com/id?1017778

http://www.vupen.com/english/advisories/2007/0973

https://exchange.xforce.ibmcloud.com/vulnerabilities/33024

https://nvd.nist.gov/vuln/detail/CVE-2007-1467

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1467

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1467

EUVD