Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.802565
Category:General
Title:Cogent OPC DataHub and Cascade DataHub XSS and CRLF Vulnerabilities
Summary:This host is installed with OPC DataHub or Cascade DataHub and is; prone to cross site scripting and CRLF vulnerabilities.
Description:Summary:
This host is installed with OPC DataHub or Cascade DataHub and is
prone to cross site scripting and CRLF vulnerabilities.

Vulnerability Insight:
The flaws are due to unspecified errors in the applications, allows
remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerability Impact:
Successful exploitation could allow remote attackers to execute arbitrary
HTML and script code in a user's browser session in context of an affected
site.

Affected Software/OS:
OPC DataHub version 6.4.20 and prior
Cascade DataHub version 6.4.20 and prior

Solution:
Upgrade to the OPC DataHub version 7.2 or later.

Upgrade to the Cascade DataHub version 7.2 or later.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Cross-Ref: BugTraq ID: 51375
Common Vulnerability Exposure (CVE) ID: CVE-2012-0310
http://www.securityfocus.com/bid/51375
http://jvn.jp/en/jp/JVN63249231/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000002
http://www.us-cert.gov/control_systems/pdf/ICSA-12-016-01.pdf
http://secunia.com/advisories/47496
http://secunia.com/advisories/47525
XForce ISS Database: cogentdatahub-unspecified-header-injection(72306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72306
Common Vulnerability Exposure (CVE) ID: CVE-2012-0309
http://jvn.jp/en/jp/JVN12983784/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000001
XForce ISS Database: cogentdatahub-unspecified-xss(72305)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72305
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.