Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain improperly secured cookies, via unspecified vectors, aka Bug ID CSCud80186.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Operations Manager | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/95584
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=30175Vendor Advisory
- http://www.securityfocus.com/bid/61414
- http://www.securitytracker.com/id/1028819
- http://osvdb.org/95584
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=30175Vendor Advisory
- http://www.securityfocus.com/bid/61414
- http://www.securitytracker.com/id/1028819
FAQ
What is CVE-2013-3440?
CVE-2013-3440 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain im...
How severe is CVE-2013-3440?
CVE-2013-3440 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3440?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Operations Manager.