NVD

Id
21245  
Name
CVE-2016-6472  
Description
A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (CallManager) could allow an unauthenticated, remote attacker to launch a cross-site scripting (XSS) attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known Affected Releases: 11.5(1.2). Known Fixed Releases: 11.5(1.11950.96) 11.5(1.12900.2) 12.0(0.98000.133) 12.0(0.98000.313) 12.0(0.98000.404).  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-11-18  
Modified Date
2016-11-28  
Seq
2016-6472  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
115320 21245 CVE-2016-6472 94364  View
115321 21245 CVE-2016-6472 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-ucm  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5142 JVNDB-2016-005915 Cisco Unified Communication Manager の ccmivr ページにおけるクロスサイトスクリプティングの脆弱性 Cisco Unified Communication Manager (CallManager) の ccmivr ページのいくつかのパラメータには、Web インターフェースのユーザに対してクロスサイトスクリプティング攻撃を実行される脆弱性が存在します。 CVE-2016-6472 92979 CVE-2016-6472 21245 4.3 6.1 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005915.html 2016-11-16 2016-11-24 View