var-201905-0583
Vulnerability from variot
Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities. Multiple Cisco Products are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug IDs CSCvn78674, CSCvo11406, CSCvo11416, CSCvo17033. The vulnerability stems from the lack of correct validation of client data in WEB applications
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0583", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "adaptive security appliance software", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "9.7" }, { "model": "firepower threat defense", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "6.3.0" }, { "model": "adaptive security appliance software", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.10.1.17" }, { "model": "adaptive security appliance software", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.8.4" }, { "model": "firepower threat defense", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "6.2.1" }, { "model": "adaptive security appliance software", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.6.4.25" }, { "model": "firepower threat defense", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.3.0.3" }, { "model": "adaptive security appliance software", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "9.5" }, { "model": "firepower threat defense", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.2.3.12" }, { "model": "adaptive security appliance software", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.9.2.50" }, { "model": "adaptive security appliance software", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.4.4.34" }, { "model": "adaptive security appliance software", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "9.10" }, { "model": "adaptive security appliance software", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "9.9" }, { "model": "adaptive security appliance software", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "firepower threat defense software", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "firepower threat defense virtual", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "firepower security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "93000" }, { "model": "firepower series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "41000" }, { "model": "firepower series", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "21000" }, { "model": "asa services module for cisco catalyst series switches", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "65000" }, { "model": "asa services module for cisco series routers", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "76000" }, { "model": "asa adaptive security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "55050" }, { "model": "asa series firewalls", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5500-x9.9(2)" }, { "model": "asa series firewalls", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5500-x9.8(1)" }, { "model": "asa series firewalls", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5500-x9.6(2)" }, { "model": "asa series firewalls", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5500-x9.4(4)" }, { "model": "asa series firewalls", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5500-x0" }, { "model": "asa cloud firewall", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1000v0" }, { "model": "adaptive security virtual appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "series industrial security appliances", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "30000" } ], "sources": [ { "db": "BID", "id": "108152" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.4.4.34", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.6.4.25", "versionStartIncluding": "9.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.8.4", "versionStartIncluding": "9.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.9.2.50", "versionStartIncluding": "9.9", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.10.1.17", "versionStartIncluding": "9.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.3.0.3", "versionStartIncluding": "6.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.2.3.12", "versionStartIncluding": "6.2.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-1701" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Qian Chen of Qihoo 360 Information Security Department for reporting one of these vulnerabilities. The other vulnerabilities in this advisory were found during internal security testing.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-031" } ], "trust": 0.6 }, "cve": "CVE-2019-1701", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "Single", "author": "NVD", "availabilityImpact": "None", "baseScore": 3.5, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-1701", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "id": "VHN-149213", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 1.7, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.8, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2019-1701", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "High", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-1701", "trust": 1.8, "value": "MEDIUM" }, { "author": "ykramarz@cisco.com", "id": "CVE-2019-1701", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201905-031", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-149213", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-149213" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities. Multiple Cisco Products are prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nThis issue is being tracked by Cisco Bug IDs CSCvn78674, CSCvo11406, CSCvo11416, CSCvo17033. The vulnerability stems from the lack of correct validation of client data in WEB applications", "sources": [ { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "BID", "id": "108152" }, { "db": "VULHUB", "id": "VHN-149213" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-1701", "trust": 2.8 }, { "db": "BID", "id": "108152", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2019-003888", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201905-031", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.1510.2", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-149213", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-149213" }, { "db": "BID", "id": "108152" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "id": "VAR-201905-0583", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-149213" } ], "trust": 0.713506475 }, "last_update_date": "2023-12-18T12:00:07.368000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20190501-asa-ftd-xss", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-xss" }, { "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92182" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-149213" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.securityfocus.com/bid/108152" }, { "trust": 2.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-xss" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1701" }, { "trust": 0.9, "url": "http://www.cisco.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1701" }, { "trust": 0.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80090" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/cisco-asa-cross-site-scripting-via-webvpn-29197" } ], "sources": [ { "db": "VULHUB", "id": "VHN-149213" }, { "db": "BID", "id": "108152" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-149213" }, { "db": "BID", "id": "108152" }, { "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "db": "NVD", "id": "CVE-2019-1701" }, { "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-03T00:00:00", "db": "VULHUB", "id": "VHN-149213" }, { "date": "2019-05-01T00:00:00", "db": "BID", "id": "108152" }, { "date": "2019-05-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "date": "2019-05-03T16:29:00.367000", "db": "NVD", "id": "CVE-2019-1701" }, { "date": "2019-05-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-149213" }, { "date": "2019-05-01T00:00:00", "db": "BID", "id": "108152" }, { "date": "2019-05-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003888" }, { "date": "2023-08-15T15:24:56.340000", "db": "NVD", "id": "CVE-2019-1701" }, { "date": "2019-05-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-031" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-031" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software cross-site scripting vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003888" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-031" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.