1. Home
  2. CVE Database
  3. CVE-2015-2850
MEDIUM · 4.3

CVE-2015-2850

Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers ...

Vulnerability Description

Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
AntlabsInngate Ig 3.01 E-
AntlabsInngate Ig 3.10 E-
AntlabsInngate Ig 3.10 M-
AntlabsInngate Ig 3100-
AntlabsInngate Sg 4-
AntlabsInngate Ssg 4-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2015-2850?

CVE-2015-2850 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers ...

How severe is CVE-2015-2850?

CVE-2015-2850 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-2850?

Check the references section above for vendor advisories and patch information. Affected products include: Antlabs Inngate Ig 3.01 E, Antlabs Inngate Ig 3.10 E, Antlabs Inngate Ig 3.10 M, Antlabs Inngate Ig 3100, Antlabs Inngate Sg 4.