CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4685

Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 80.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2012-04/0019.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0036.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0037.html
http://secunia.com/advisories/48728
http://www.securityfocus.com/bid/52881
https://exchange.xforce.ibmcloud.com/vulnerabilities/74648
http://archives.neohapsis.com/archives/bugtraq/2012-04/0019.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0036.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0037.html
http://secunia.com/advisories/48728
http://www.securityfocus.com/bid/52881
https://exchange.xforce.ibmcloud.com/vulnerabilities/74648

Products affected by CVE-2012-4685

Arbornetworks » Peakflow Sp » Version: 5.1.1

cpe:2.3:a:arbornetworks:peakflow_sp:5.1.1
Arbornetworks » Peakflow Sp » Version: 5.5

cpe:2.3:a:arbornetworks:peakflow_sp:5.5
Arbornetworks » Peakflow Sp » Version: 5.6.0

cpe:2.3:a:arbornetworks:peakflow_sp:5.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4685

Products

Pricing

Contact Us