medium
4.3
CWE
79
Advisory Published
Updated

CVE-2008-3821: XSS

First published: Fri Jan 16 2009(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Puppet Cisco IOS=12.3ym
Puppet Cisco IOS=12.1xg
Puppet Cisco IOS=12.0xc
Puppet Cisco IOS=12.3yq
Puppet Cisco IOS=12.3xr
Puppet Cisco IOS=12.0xk
Puppet Cisco IOS=12.4t
Puppet Cisco IOS=12.0xr
Puppet Cisco IOS=12.1xm
Puppet Cisco IOS=12.1xi
Puppet Cisco IOS=12.2sga
Puppet Cisco IOS=12.3bc
Puppet Cisco IOS=12.0st
Puppet Cisco IOS=12.2xr
Puppet Cisco IOS=12.1xc
Puppet Cisco IOS=12.3ya
Puppet Cisco IOS=12.1xp
Puppet Cisco IOS=12.2cz
Puppet Cisco IOS=12.1ya
Puppet Cisco IOS=12.2sxf
Puppet Cisco IOS=12.1yd
Puppet Cisco IOS=12.2fy
Puppet Cisco IOS=12.0dc
Puppet Cisco IOS=12.0xq
Puppet Cisco IOS=12.1xs
Puppet Cisco IOS=12.2xe
Puppet Cisco IOS=12.0xe
Puppet Cisco IOS=12.3xs
Puppet Cisco IOS=12.2ja
Puppet Cisco IOS=12.2sx
Puppet Cisco IOS=12.3xg
Puppet Cisco IOS=12.4xj
Puppet Cisco IOS=12.2zp
Puppet Cisco IOS=12.3bw
Puppet Cisco IOS=12.1xy
Puppet Cisco IOS=12.3xd
Puppet Cisco IOS=12.2bz
Puppet Cisco IOS=12.0xd
Puppet Cisco IOS=12.3xw
Puppet Cisco IOS=12.4mr
Puppet Cisco IOS=12.2xj
Puppet Cisco IOS=12.2srb
Puppet Cisco IOS=12.2su
Puppet Cisco IOS=12.1xz
Puppet Cisco IOS=12.2xh
Puppet Cisco IOS=12.2xg
Puppet Cisco IOS=12.2ew
Puppet Cisco IOS=12.0xj
Puppet Cisco IOS=12.2b
Puppet Cisco IOS=12.2ixb
Puppet Cisco IOS=12.2svc
Puppet Cisco IOS=12.2sea
Puppet Cisco IOS=12.4xt
Puppet Cisco IOS=12.1t
Puppet Cisco IOS=12.1eo
Puppet Cisco IOS=12.3xi
Puppet Cisco IOS=12.1xr
Puppet Cisco IOS=12.2yn
Puppet Cisco IOS=12.2sxa
Puppet Cisco IOS=12.1db
Puppet Cisco IOS=12.2ey
Puppet Cisco IOS=12.2zx
Puppet Cisco IOS=12.2seg
Puppet Cisco IOS=12.3yj
Puppet Cisco IOS=12.2xb
Puppet Cisco IOS=12.2yf
Puppet Cisco IOS=12.2sg
Puppet Cisco IOS=12.2ixf
Puppet Cisco IOS=12.1xe
Puppet Cisco IOS=12.3jec
Puppet Cisco IOS=12.2xl
Puppet Cisco IOS=12.2ym
Puppet Cisco IOS=12.2yw
Puppet Cisco IOS=12.3yu
Puppet Cisco IOS=12.2yd
Puppet Cisco IOS=12.3xj
Puppet Cisco IOS=12.0xl
Puppet Cisco IOS=12.0xs
Puppet Cisco IOS=12.3t
Puppet Cisco IOS=12.2yb
Puppet Cisco IOS=12.3
Puppet Cisco IOS=12.2mb
Puppet Cisco IOS=12.2dd
Puppet Cisco IOS=12.1eu
Puppet Cisco IOS=12.1xb
Puppet Cisco IOS=12.2zh
Puppet Cisco IOS=12.2da
Puppet Cisco IOS=12.1ga
Puppet Cisco IOS=12.1yf
Puppet Cisco IOS=12.2zu
Puppet Cisco IOS=12.2yv
Puppet Cisco IOS=12.1xl
Puppet Cisco IOS=12.2ixa
Puppet Cisco IOS=12.1ax
Puppet Cisco IOS=12.2sxb
Puppet Cisco IOS=12.2yo
Puppet Cisco IOS=12.2xw
Puppet Cisco IOS=12.3va
Puppet Cisco IOS=12.2t
Puppet Cisco IOS=12.2zc
Puppet Cisco IOS=12.0xb
Puppet Cisco IOS=12.2sv
Puppet Cisco IOS=12.2seb
Puppet Cisco IOS=12.3xz
Puppet Cisco IOS=12.2yt
Puppet Cisco IOS=12.4jx
Puppet Cisco IOS=12.2zya
Puppet Cisco IOS=12.0xh
Puppet Cisco IOS=12.0t
Puppet Cisco IOS=12.1xw
Puppet Cisco IOS=12.4xg
Puppet Cisco IOS=12.2yl
Puppet Cisco IOS=12.2sed
Puppet Cisco IOS=12.2za
Puppet Cisco IOS=12.2xn
Puppet Cisco IOS=12.2ye
Puppet Cisco IOS=12.1yb
Puppet Cisco IOS=12.2ez
Puppet Cisco IOS=12.4jmb
Puppet Cisco IOS=12.4xv
Puppet Cisco IOS=12.3yd
Puppet Cisco IOS=12.4xw
Puppet Cisco IOS=12.2sr
Puppet Cisco IOS=12.1eb
Puppet Cisco IOS=12.2zb
Puppet Cisco IOS=12.2yg
Puppet Cisco IOS=12.2sva
Puppet Cisco IOS=12.2ex
Puppet Cisco IOS=12.1dc
Puppet Cisco IOS=12.2svd
Puppet Cisco IOS=12.1gb
Puppet Cisco IOS=12.2xu
Puppet Cisco IOS=12.2sbc
Puppet Cisco IOS=12.2ixc
Puppet Cisco IOS=12.1ex
Puppet Cisco IOS=12.1yi
Puppet Cisco IOS=12.3xl
Puppet Cisco IOS=12.2yr
Puppet Cisco IOS=12.2se
Puppet Cisco IOS=12.1
Puppet Cisco IOS=12.0sl
Puppet Cisco IOS=12.1yh
Puppet Cisco IOS=12.3yk
Puppet Cisco IOS=12.0db
Puppet Cisco IOS=12.3yf
Puppet Cisco IOS=12.4xd
Puppet Cisco IOS=12.0sz
Puppet Cisco IOS=12.2sec
Puppet Cisco IOS=12.4xp
Puppet Cisco IOS=12.1ec
Puppet Cisco IOS=12.1cx
Puppet Cisco IOS=12.2sb
Puppet Cisco IOS=12.4jda
Puppet Cisco IOS=12.2xm
Puppet Cisco IOS=12.3yt
Puppet Cisco IOS=12.2sy
Puppet Cisco IOS=12.2xk
Puppet Cisco IOS=12.1xh
Puppet Cisco IOS=12.3xb
Puppet Cisco IOS=12.2ixg
Puppet Cisco IOS=12.2zj
Puppet Cisco IOS=12.0xa
Puppet Cisco IOS=12.3yz
Puppet Cisco IOS=12.4xk
Puppet Cisco IOS=12.1xu
Puppet Cisco IOS=12.0sc
Puppet Cisco IOS=12.2zy
Puppet Cisco IOS=12.0sy
Puppet Cisco IOS=12.3jl
Puppet Cisco IOS=12.2jk
Puppet Cisco IOS=12.3yg
Puppet Cisco IOS=12.1xj
Puppet Cisco IOS=12.3xu
Puppet Cisco IOS=12.2zd
Puppet Cisco IOS=12.3xy
Puppet Cisco IOS=12.2cy
Puppet Cisco IOS=12.3xc
Puppet Cisco IOS=12.4jk
Puppet Cisco IOS=12.4
Puppet Cisco IOS=12.2so
Puppet Cisco IOS=12.1aa
Puppet Cisco IOS=12.2tpc
Puppet Cisco IOS=12.0xn
Puppet Cisco IOS=12.2xc
Puppet Cisco IOS=12.2ewa
Puppet Cisco IOS=12.4jl
Puppet Cisco IOS=12.2bc
Puppet Cisco IOS=12.3xe
Puppet Cisco IOS=12.0da
Puppet Cisco IOS=12.1xx
Puppet Cisco IOS=12.4sw
Puppet Cisco IOS=12.0sp
Puppet Cisco IOS=12.2yc
Puppet Cisco IOS=12.3jea
Puppet Cisco IOS=12.2ze
Puppet Cisco IOS=12.3tpc
Puppet Cisco IOS=12.3ja
Puppet Cisco IOS=12.2xs
Puppet Cisco IOS=12.2yp
Puppet Cisco IOS=12.2bw
Puppet Cisco IOS=12.4xa
Puppet Cisco IOS=12.2yy
Puppet Cisco IOS=12.2fx
Puppet Cisco IOS=12.2sz
Puppet Cisco IOS=12.2xi
Puppet Cisco IOS=12.0w
Puppet Cisco IOS=12.3za
Puppet Cisco IOS=12.0wc
Puppet Cisco IOS=12.1ey
Puppet Cisco IOS=12.2yu
Puppet Cisco IOS=12.0xm
Puppet Cisco IOS=12.4xe
Puppet Cisco IOS=12.3yx
Puppet Cisco IOS=12.1xd
Puppet Cisco IOS=12.2dx
Puppet Cisco IOS=12.1ez
Puppet Cisco IOS=12.2ixd
Puppet Cisco IOS=12.2xd
Puppet Cisco IOS=12.2bx
Puppet Cisco IOS=12.3xq
Puppet Cisco IOS=12.2cx
Puppet Cisco IOS=12.2zl
Puppet Cisco IOS=12.4md
Puppet Cisco IOS=12.2yq
Puppet Cisco IOS=12.1xq
Puppet Cisco IOS=12.0s
Puppet Cisco IOS=12.2xf
Puppet Cisco IOS=12.0xt
Puppet Cisco IOS=12.1ay
Puppet Cisco IOS=12.2xq
Puppet Cisco IOS=12.2sef
Puppet Cisco IOS=12.2see
Puppet Cisco IOS=12.3ys
Puppet Cisco IOS=12.3jk
Puppet Cisco IOS=12.2zf
Puppet Cisco IOS=12.3b
Puppet Cisco IOS=12.2sra
Puppet Cisco IOS=12.3jeb
Puppet Cisco IOS=12.2sm
Puppet Cisco IOS=12.1xf
Puppet Cisco IOS=12.3yh
Puppet Cisco IOS=12.2ya
Puppet Cisco IOS=12.1ew
Puppet Cisco IOS=12.4xb
Puppet Cisco IOS=12.1da
Puppet Cisco IOS=12.4ja
Puppet Cisco IOS=12.2xv
Puppet Cisco IOS=12.2
Puppet Cisco IOS=12.1xa
Puppet Cisco IOS=12.0xg
Puppet Cisco IOS=12.2zg
Puppet Cisco IOS=12.3xx
Puppet Cisco IOS=12.0
Puppet Cisco IOS=12.1yc
Puppet Cisco IOS=12.4xc
Puppet Cisco IOS=12.2sw
Puppet Cisco IOS=12.3xa
Puppet Cisco IOS=12.3yi
Puppet Cisco IOS=12.0xv
Puppet Cisco IOS=12.2yk
Puppet Cisco IOS=12.2sxd
Puppet Cisco IOS=12.2yz
Puppet Cisco IOS=12.2xa
Puppet Cisco IOS=12.1xt
Puppet Cisco IOS=12.0sx
Puppet Cisco IOS=12.2ixe
Puppet Cisco IOS=12.0xi
Puppet Cisco IOS=12.1ye
Puppet Cisco IOS=12.3xk
Puppet Cisco IOS=12.1xv
Puppet Cisco IOS=12.2yj
Puppet Cisco IOS=12.2sve
Puppet Cisco IOS=12.2mc
Puppet Cisco IOS=12.1yj
Puppet Cisco IOS=12.2yx
Puppet Cisco IOS=12.2xo
Puppet Cisco IOS=12.2sxe
Puppet Cisco IOS=12.3jx
Puppet Cisco IOS=12.2by
Puppet Cisco IOS=12.2yh
Puppet Cisco IOS=12.2s
Puppet Cisco IOS=12.2fz
Puppet Cisco IOS=12.2xt
Puppet Cisco IOS=12.4jma

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2008-3821?

    CVE-2008-3821 has a severity rating of moderate, indicating it poses a significant risk to affected systems.

  • How do I fix CVE-2008-3821?

    To fix CVE-2008-3821, apply the latest patches provided by Cisco for the affected IOS versions.

  • What versions of Cisco IOS are affected by CVE-2008-3821?

    CVE-2008-3821 affects multiple versions of Cisco IOS, including versions 11.0 through 12.4.

  • What types of attacks are possible with CVE-2008-3821?

    CVE-2008-3821 allows remote attackers to perform cross-site scripting (XSS) attacks.

  • How can I identify if my system is vulnerable to CVE-2008-3821?

    To identify vulnerability to CVE-2008-3821, check if your Cisco IOS version falls within the affected range and if it has not been patched.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203