Vulnerability Description
Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Network Analysis Module Firmware | 6.0\(2\) |
| Cisco | Network Analysis Module 2304 | All versions |
| Cisco | Network Analysis Module 2320 | All versions |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0656Vendor Advisory
- http://www.securitytracker.com/id/1031827
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0656Vendor Advisory
- http://www.securitytracker.com/id/1031827
FAQ
What is CVE-2015-0656?
CVE-2015-0656 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSC...
How severe is CVE-2015-0656?
CVE-2015-0656 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0656?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Network Analysis Module Firmware, Cisco Network Analysis Module 2304, Cisco Network Analysis Module 2320.