Cross-Site Scripting Vulnerability in Cisco Transport Gateway
CVE-2016-6359

6.1MEDIUM

Key Information:

Vendor

Cisco
Status
Transport Gateway Installation Software
Vendor
CVE Published:
22 August 2016

What is CVE-2016-6359?

A cross-site scripting (XSS) vulnerability exists in Cisco Transport Gateway Installation Software 4.1(4.0) that could allow a remote attacker to inject arbitrary web scripts or HTML through a crafted value. This can potentially lead to unauthorized actions performed in the context of a logged-in user, exposing sensitive information or triggering unintended actions. The vulnerability is associated with specific Bug IDs CSCva40650 and CSCva40817, emphasizing the need for immediate attention and patching to mitigate risks in Smart Call Home Transport Gateway devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/92516
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.