CVE-2013-3416: XSS
First published: Wed Jul 10 2013(Updated: )
Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Operations Manager | ||
| Cisco Unified Service Monitor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-3416?
CVE-2013-3416 has been assigned a severity rating that suggests it poses a moderate risk due to its ability to facilitate cross-site scripting attacks.
How do I fix CVE-2013-3416?
To remediate CVE-2013-3416, ensure you apply the latest security patches released by Cisco for Unified Operations Manager and Unified Service Monitor.
Who is affected by CVE-2013-3416?
CVE-2013-3416 affects users of Cisco Unified Operations Manager and Cisco Unified Service Monitor that are susceptible to cross-site scripting vulnerabilities.
What type of vulnerability is CVE-2013-3416?
CVE-2013-3416 is classified as a cross-site scripting (XSS) vulnerability which allows attackers to inject malicious web scripts or HTML.
Can CVE-2013-3416 be exploited remotely?
Yes, CVE-2013-3416 can be exploited remotely, allowing attackers to execute scripts in the context of affected users' sessions.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- vendor/cisco
- canonical/cisco unified operations manager
- canonical/cisco unified service monitor