Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to axis - m1054_network_camera

Vulnerability from fkie_nvd

Published

2013-02-12 20:55

Modified

2024-11-21 01:34

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the pageTitle parameter to admin/showReport.shtml.

References

URL	Tags
cve@mitre.org	http://metzgersecurity.blogspot.com/2011/11/xss-vulnerability-axis-m10-series.html	Exploit
cve@mitre.org	http://osvdb.org/77395
cve@mitre.org	http://secunia.com/advisories/47037	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/50968
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/71687
af854a3a-2127-422b-91ae-364da2661108	http://metzgersecurity.blogspot.com/2011/11/xss-vulnerability-axis-m10-series.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/77395
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/47037	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/50968
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/71687

Impacted products

	Vendor	Product	Version
	axis	m10_series_network_cameras_firmware	*
	axis	m1054_network_camera	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:axis:m10_series_network_cameras_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E26155-BE57-4284-9B5E-F4815695988A",
              "versionEndIncluding": "5.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:axis:m1054_network_camera:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8D1321-294F-4F77-AB0C-E821B2866BE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the pageTitle parameter to admin/showReport.shtml."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en serverreport.cgi en Axis M10 Series Network Cameras M1054 firmware v5.21, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro pageTitle para admin/showReport.shtml."
    }
  ],
  "id": "CVE-2011-5261",
  "lastModified": "2024-11-21T01:34:00.570",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-02-12T20:55:03.730",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://metzgersecurity.blogspot.com/2011/11/xss-vulnerability-axis-m10-series.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/77395"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/50968"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://metzgersecurity.blogspot.com/2011/11/xss-vulnerability-axis-m10-series.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/77395"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/50968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71687"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2011-5261

Vulnerability from cvelistv5