4.3

CVE-2008-3482

Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PanasonicBb Hcm511 Version3.20 Updater01
PanasonicBb Hcm515 Version3.20 Updater01
PanasonicBb Hcm527 Version3.30 Updater01
PanasonicBb Hcm531 Version3.20 Updater01
PanasonicBb Hcm580 Version3.21 Updater00
PanasonicBb Hcm581 Version3.21 Updater00
PanasonicBl C111 Version3.14 Updater02
PanasonicBl C131 Version3.14 Updater03
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.22% 0.648
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://jvn.jp/en/jp/JVN33706820/index.html
http://jvndb.jvn.jp/contents/ja/2008/JVNDB-2008-000037.html
http://panasonic.net/pcc/support/netwkcam/support/info_xss.html
Patch
http://secunia.com/advisories/31304
Vendor Advisory
http://www.vupen.com/english/advisories/2008/2257/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/44118