// For flags

CVE-2016-3968

 

Severity Score

6.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.

Múltiples vulnerabilidades de XSS en dispositivos Sophos Cyberoam CR100iNG UTM con firmware 10.6.3 MR-1 build 503, dispositivos CR35iNG UTM con firmware 10.6.2 MR-1 build 383 y dispositivos CR35iNG UTM con firmware 10.6.2 Build 378 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) ipFamily en corporate/webpages/trafficdiscovery/LiveConnections.jsp; el parámetro (2) ipFamily, (3) applicationname o (4) username en corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; o (5) la cabecera X-Forwarded-For HTTP.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-04-06 CVE Reserved
  • 2016-04-06 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-16 First Exploit
  • 2024-09-19 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sophos
Search vendor "Sophos"
Cyberoam Cr100ing Utm Firmware
Search vendor "Sophos" for product "Cyberoam Cr100ing Utm Firmware"
10.6.3_mr-1_build_503
Search vendor "Sophos" for product "Cyberoam Cr100ing Utm Firmware" and version "10.6.3_mr-1_build_503"
-
Affected
in Sophos
Search vendor "Sophos"
Cyberoam Cr100ing Utm
Search vendor "Sophos" for product "Cyberoam Cr100ing Utm"
--
Safe
Sophos
Search vendor "Sophos"
Cyberoam Cr35ing Utm Firmware
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm Firmware"
10.6.2_build_378
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm Firmware" and version "10.6.2_build_378"
-
Affected
in Sophos
Search vendor "Sophos"
Cyberoam Cr35ing Utm
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm"
--
Safe
Sophos
Search vendor "Sophos"
Cyberoam Cr35ing Utm Firmware
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm Firmware"
10.6.2_mr-1_build_383
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm Firmware" and version "10.6.2_mr-1_build_383"
-
Affected
in Sophos
Search vendor "Sophos"
Cyberoam Cr35ing Utm
Search vendor "Sophos" for product "Cyberoam Cr35ing Utm"
--
Safe