Home

CVE-2008-3821

Description

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

Risk Information

Base Score
6.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
8.965

Associated Vulnerability

VulnerabilityOS Platform
Cisco IOS HTTP Server Ping Parameter Cross-Site Scripting Vulnerability For NCM
Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability (CVE-2008-3821)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1706026Security Update for CAF-1.2.0.0

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234