CVE-2008-3821
Last modified
CVE-2008-3821 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.. EPSS estimates a 5.45% chance of exploitation in the next 30 days.
Description
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.0 |
| Cisco | Ios | 12.0da |
| Cisco | Ios | 12.0db |
| Cisco | Ios | 12.0dc |
| Cisco | Ios | 12.0s |
| Cisco | Ios | 12.0sc |
| Cisco | Ios | 12.0sl |
| Cisco | Ios | 12.0sp |
| Cisco | Ios | 12.0st |
| Cisco | Ios | 12.0sx |
| Cisco | Ios | 12.0sy |
| Cisco | Ios | 12.0sz |
| Cisco | Ios | 12.0t |
| Cisco | Ios | 12.0w |
| Cisco | Ios | 12.0wc |
| Cisco | Ios | 12.0xa |
| Cisco | Ios | 12.0xb |
| Cisco | Ios | 12.0xc |
| Cisco | Ios | 12.0xd |
| Cisco | Ios | 12.0xe |
| Cisco | Ios | 12.0xg |
| Cisco | Ios | 12.0xh |
| Cisco | Ios | 12.0xi |
| Cisco | Ios | 12.0xj |
| Cisco | Ios | 12.0xk |
| Cisco | Ios | 12.0xl |
| Cisco | Ios | 12.0xm |
| Cisco | Ios | 12.0xn |
| Cisco | Ios | 12.0xq |
| Cisco | Ios | 12.0xr |
| Cisco | Ios | 12.0xs |
| Cisco | Ios | 12.0xt |
| Cisco | Ios | 12.0xv |
| Cisco | Ios | 12.1 |
| Cisco | Ios | 12.1aa |
| Cisco | Ios | 12.1ax |
| Cisco | Ios | 12.1ay |
| Cisco | Ios | 12.1cx |
| Cisco | Ios | 12.1da |
| Cisco | Ios | 12.1db |
| Cisco | Ios | 12.1dc |
| Cisco | Ios | 12.1eb |
| Cisco | Ios | 12.1ec |
| Cisco | Ios | 12.1eo |
| Cisco | Ios | 12.1eu |
| Cisco | Ios | 12.1ew |
| Cisco | Ios | 12.1ex |
| Cisco | Ios | 12.1ey |
| Cisco | Ios | 12.1ez |
| Cisco | Ios | 12.1ga |
Showing 50 of 284 affected configurations. See NVD for the full list.
References
- http://jvn.jp/en/jp/JVN28344798/index.htmlThird Party Advisory, VDB Entry
- http://osvdb.org/51393Broken Link
- http://osvdb.org/51394Broken Link
- http://secunia.com/advisories/33461Third Party Advisory
- http://securityreason.com/securityalert/4916Third Party Advisory
- http://securitytracker.com/id?1021598Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/33260Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2009/0138Not Applicable
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47947Third Party Advisory, VDB Entry
- http://jvn.jp/en/jp/JVN28344798/index.htmlThird Party Advisory, VDB Entry
- http://osvdb.org/51393Broken Link
- http://osvdb.org/51394Broken Link
- http://secunia.com/advisories/33461Third Party Advisory
- http://securityreason.com/securityalert/4916Third Party Advisory
- http://securitytracker.com/id?1021598Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/33260Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2009/0138Not Applicable
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47947Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-3821?
How severe is CVE-2008-3821?
How do I fix CVE-2008-3821?
Are you affected by CVE-2008-3821?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST