CVE-2021-38701: XSS
First published: Wed Dec 15 2021(Updated: )
Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100, T101, T102, and T103 before 2.6.0.180.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Motorola T008 Firmware | <2.2.0.86 | |
| Motorola T008 | ||
| Motorola T100 Firmware | <2.6.0.180 | |
| Motorola T100 | ||
| Motorola T101 Firmware | <2.6.0.180 | |
| Motorola T101 | ||
| Motorola T102 Firmware | <2.6.0.180 | |
| Motorola T102 | ||
| Motorola T103 Firmware | <2.6.0.180 | |
| Motorola T103 | ||
| Motorola T200 Firmware | <4.10.0.68 | |
| Motorola T200 | ||
| Motorola T201 Firmware | <4.10.0.68 | |
| Motorola T201 | ||
| Motorola T204 Firmware | <3.28.0.166 | |
| Motorola T204 | ||
| Motorola T205 Firmware | <4.12.0.62 | |
| Motorola T205 | ||
| Motorola T290 Firmware | <4.4.0.80 | |
| Motorola T290 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-38701.
Which Motorola Avigilon devices are affected by this vulnerability?
This vulnerability affects the following Motorola Avigilon devices: T200/201 before 4.10.0.68, T290 before 4.4.0.80, T008 before 2.2.0.86, T205 before 4.12.0.62, T204 before 3.28.0.166, and T100, T101, T102, and T103 before 2.6.0.180.
What is the severity level of CVE-2021-38701?
The severity level of CVE-2021-38701 is medium with a score of 4.8.
How can I fix this vulnerability?
To fix this vulnerability, update the firmware of the affected Motorola Avigilon devices to the versions mentioned in the description.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Avigilon support website at https://support.avigilon.com/s/feed/0D54y00006l9eCMCAY and the Motorola Solutions Trust Center security page at https://www.motorolasolutions.com/en_us/about/trust-center/security.html.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/motorola
- canonical/motorola t008 firmware
- canonical/motorola t008
- canonical/motorola t100 firmware
- canonical/motorola t100
- canonical/motorola t101 firmware
- canonical/motorola t101
- canonical/motorola t102 firmware
- canonical/motorola t102
- canonical/motorola t103 firmware
- canonical/motorola t103
- canonical/motorola t200 firmware
- canonical/motorola t200
- canonical/motorola t201 firmware
- canonical/motorola t201
- canonical/motorola t204 firmware
- canonical/motorola t204
- canonical/motorola t205 firmware
- canonical/motorola t205
- canonical/motorola t290 firmware
- canonical/motorola t290