CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3294

Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, aka Bug ID CSCts80342.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.9%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2011-3294

Cisco » Telepresence Video Communication Servers Software » Version: Any

cpe:2.3:a:cisco:telepresence_video_communication_servers_software:*
Cisco » Telepresence Video Communication Servers Software » Version: x5.2

cpe:2.3:a:cisco:telepresence_video_communication_servers_software:x5.2
Cisco » Telepresence Video Communication Servers Software » Version: x6.0

cpe:2.3:a:cisco:telepresence_video_communication_servers_software:x6.0
Cisco » Telepresence Video Communication Servers » Version: Any

cpe:2.3:h:cisco:telepresence_video_communication_servers:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3294

Products

Pricing

Contact Us