CVE-2014-2116

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2116	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=33641	Vendor Advisory
http://www.securityfocus.com/bid/66632
http://www.securitytracker.com/id/1030019

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-04-04 15:10

Updated : 2024-02-04 18:35

NVD link : CVE-2014-2116

Mitre link : CVE-2014-2116

CVE.ORG link : CVE-2014-2116

JSON object : View

Products Affected

cisco

emergency_responder

CWE

CWE-20

Improper Input Validation

4.3 /10