// For flags

CVE-2021-38701

 

Severity Score

4.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100, T101, T102, and T103 before 2.6.0.180.

Determinados dispositivos Avigilon de Motorola Solutions permiten un ataque de tipo XSS en la interfaz de usuario administrativa. Esto afecta a dispositivos T200/201 versiones anteriores a 4.10.0.68; T290 versiones anteriores a 4.4.0.80; T008 versiones anteriores a 2.2.0.86; T205 versiones anteriores a 4.12.0.62; T204 versiones anteriores a 3.28.0.166; y T100, T101, T102 y T103 versiones anteriores a 2.6.0.180

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-08-14 CVE Reserved
  • 2021-12-15 CVE Published
  • 2023-07-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Motorola
Search vendor "Motorola"
T008 Firmware
Search vendor "Motorola" for product "T008 Firmware"
< 2.2.0.86
Search vendor "Motorola" for product "T008 Firmware" and version " < 2.2.0.86"
-
Affected
in Motorola
Search vendor "Motorola"
T008
Search vendor "Motorola" for product "T008"
--
Safe
Motorola
Search vendor "Motorola"
T100 Firmware
Search vendor "Motorola" for product "T100 Firmware"
< 2.6.0.180
Search vendor "Motorola" for product "T100 Firmware" and version " < 2.6.0.180"
-
Affected
in Motorola
Search vendor "Motorola"
T100
Search vendor "Motorola" for product "T100"
--
Safe
Motorola
Search vendor "Motorola"
T101 Firmware
Search vendor "Motorola" for product "T101 Firmware"
< 2.6.0.180
Search vendor "Motorola" for product "T101 Firmware" and version " < 2.6.0.180"
-
Affected
in Motorola
Search vendor "Motorola"
T101
Search vendor "Motorola" for product "T101"
--
Safe
Motorola
Search vendor "Motorola"
T102 Firmware
Search vendor "Motorola" for product "T102 Firmware"
< 2.6.0.180
Search vendor "Motorola" for product "T102 Firmware" and version " < 2.6.0.180"
-
Affected
in Motorola
Search vendor "Motorola"
T102
Search vendor "Motorola" for product "T102"
--
Safe
Motorola
Search vendor "Motorola"
T103 Firmware
Search vendor "Motorola" for product "T103 Firmware"
< 2.6.0.180
Search vendor "Motorola" for product "T103 Firmware" and version " < 2.6.0.180"
-
Affected
in Motorola
Search vendor "Motorola"
T103
Search vendor "Motorola" for product "T103"
--
Safe
Motorola
Search vendor "Motorola"
T200 Firmware
Search vendor "Motorola" for product "T200 Firmware"
< 4.10.0.68
Search vendor "Motorola" for product "T200 Firmware" and version " < 4.10.0.68"
-
Affected
in Motorola
Search vendor "Motorola"
T200
Search vendor "Motorola" for product "T200"
--
Safe
Motorola
Search vendor "Motorola"
T201 Firmware
Search vendor "Motorola" for product "T201 Firmware"
< 4.10.0.68
Search vendor "Motorola" for product "T201 Firmware" and version " < 4.10.0.68"
-
Affected
in Motorola
Search vendor "Motorola"
T201
Search vendor "Motorola" for product "T201"
--
Safe
Motorola
Search vendor "Motorola"
T204 Firmware
Search vendor "Motorola" for product "T204 Firmware"
< 3.28.0.166
Search vendor "Motorola" for product "T204 Firmware" and version " < 3.28.0.166"
-
Affected
in Motorola
Search vendor "Motorola"
T204
Search vendor "Motorola" for product "T204"
--
Safe
Motorola
Search vendor "Motorola"
T205 Firmware
Search vendor "Motorola" for product "T205 Firmware"
< 4.12.0.62
Search vendor "Motorola" for product "T205 Firmware" and version " < 4.12.0.62"
-
Affected
in Motorola
Search vendor "Motorola"
T205
Search vendor "Motorola" for product "T205"
--
Safe
Motorola
Search vendor "Motorola"
T290 Firmware
Search vendor "Motorola" for product "T290 Firmware"
< 4.4.0.80
Search vendor "Motorola" for product "T290 Firmware" and version " < 4.4.0.80"
-
Affected
in Motorola
Search vendor "Motorola"
T290
Search vendor "Motorola" for product "T290"
--
Safe