Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2011-0959
Deferred
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-20 May, 2011 | 22:55
Updated At-11 Apr, 2025 | 00:51

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>Versions up to 8.5(inclusive)
cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>1.1
cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.0
cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.0.1
cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.0.2
cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.0.3
cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.1
cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.2
cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>2.3
cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_operations_manager>>8.0
cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
CWE ID: CWE-79
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.htmlpsirt@cisco.com
Exploit
http://tools.cisco.com/security/center/viewAlert.x?alertId=23085psirt@cisco.com
Vendor Advisory
http://www.exploit-db.com/exploits/17304psirt@cisco.com
Exploit
http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdfpsirt@cisco.com
Exploit
URL Repurposed
https://exchange.xforce.ibmcloud.com/vulnerabilities/67521psirt@cisco.com
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://tools.cisco.com/security/center/viewAlert.x?alertId=23085af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.exploit-db.com/exploits/17304af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdfaf854a3a-2127-422b-91ae-364da2661108
Exploit
URL Repurposed
https://exchange.xforce.ibmcloud.com/vulnerabilities/67521af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html
Source: psirt@cisco.com
Resource:
Exploit
Hyperlink: http://tools.cisco.com/security/center/viewAlert.x?alertId=23085
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.exploit-db.com/exploits/17304
Source: psirt@cisco.com
Resource:
Exploit
Hyperlink: http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf
Source: psirt@cisco.com
Resource:
Exploit
URL Repurposed
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67521
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://tools.cisco.com/security/center/viewAlert.x?alertId=23085
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.exploit-db.com/exploits/17304
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
URL Repurposed
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67521
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found