// For flags

CVE-2012-3238

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.

vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Backup/Restore en WebAdmin en Astaro Security Gateway anteriores a v8.305, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del campo "Comment (opcional)".

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-06-06 CVE Reserved
  • 2012-06-12 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-17 EPSS Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Astaro
Search vendor "Astaro"
Security Gateway Software
Search vendor "Astaro" for product "Security Gateway Software"
<= 8.3
Search vendor "Astaro" for product "Security Gateway Software" and version " <= 8.3"
-
Affected
in Astaro
Search vendor "Astaro"
Security Gateway
Search vendor "Astaro" for product "Security Gateway"
*-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
110
Search vendor "Sophos" for product "Unified Threat Management" and version "110"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
120
Search vendor "Sophos" for product "Unified Threat Management" and version "120"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
220
Search vendor "Sophos" for product "Unified Threat Management" and version "220"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
320
Search vendor "Sophos" for product "Unified Threat Management" and version "320"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
425
Search vendor "Sophos" for product "Unified Threat Management" and version "425"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
525
Search vendor "Sophos" for product "Unified Threat Management" and version "525"
-
Affected
Sophos
Search vendor "Sophos"
Unified Threat Management Software
Search vendor "Sophos" for product "Unified Threat Management Software"
<= 8.3
Search vendor "Sophos" for product "Unified Threat Management Software" and version " <= 8.3"
-
Affected
in Sophos
Search vendor "Sophos"
Unified Threat Management
Search vendor "Sophos" for product "Unified Threat Management"
625
Search vendor "Sophos" for product "Unified Threat Management" and version "625"
-
Affected