CVE-2016-9202

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device. More Information: CSCvb37346. Known Affected Releases: 9.1.1-036 9.7.1-066.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:email_security_appliance:9.1.1-036:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.1.2-023:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.1.2-028:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.1.2-036:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.7.1-066:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.7.2-046:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.7.2-047:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance:9.7.2-054:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-12-14 00:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9202

Mitre link : CVE-2016-9202

CVE.ORG link : CVE-2016-9202


JSON object : View

Products Affected

cisco

  • email_security_appliance
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')