CVE-2010-3459 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 65%

Vendor	Product	Version
gecad	axigen_mail_server	𝑥 ≤ 7.4.1
gecad	axigen_mail_server	-
gecad	axigen_mail_server	1.0.1
gecad	axigen_mail_server	1.0.2
gecad	axigen_mail_server	1.0.5
gecad	axigen_mail_server	1.0.6
gecad	axigen_mail_server	1.0.7
gecad	axigen_mail_server	1.1.0
gecad	axigen_mail_server	1.1.0:beta1
gecad	axigen_mail_server	1.1.1
gecad	axigen_mail_server	1.2.0
gecad	axigen_mail_server	1.2.0:beta
gecad	axigen_mail_server	1.2.3
gecad	axigen_mail_server	1.2.4
gecad	axigen_mail_server	1.2.5
gecad	axigen_mail_server	1.2.5:b
gecad	axigen_mail_server	1.2.6
gecad	axigen_mail_server	2.0
gecad	axigen_mail_server	2.0.3
gecad	axigen_mail_server	2.0.4
gecad	axigen_mail_server	2.0.5
gecad	axigen_mail_server	3.0
gecad	axigen_mail_server	3.0:beta
gecad	axigen_mail_server	3.0.1
gecad	axigen_mail_server	4.0
gecad	axigen_mail_server	4.0:beta
gecad	axigen_mail_server	4.0.1
gecad	axigen_mail_server	4.0.2
gecad	axigen_mail_server	5.0
gecad	axigen_mail_server	5.0:beta
gecad	axigen_mail_server	5.0.1
gecad	axigen_mail_server	5.0.2
gecad	axigen_mail_server	5.0.3
gecad	axigen_mail_server	6.0.1
gecad	axigen_mail_server	6.1
gecad	axigen_mail_server	6.1:beta
gecad	axigen_mail_server	6.2
gecad	axigen_mail_server	6.2.2
gecad	axigen_mail_server	7.0
gecad	axigen_mail_server	7.0:beta
gecad	axigen_mail_server	7.1
gecad	axigen_mail_server	7.1.1
gecad	axigen_mail_server	7.1.2
gecad	axigen_mail_server	7.1.3
gecad	axigen_mail_server	7.1.4
gecad	axigen_mail_server	7.2
gecad	axigen_mail_server	7.2:beta
gecad	axigen_mail_server	7.2.1
gecad	axigen_mail_server	7.3
gecad	axigen_mail_server	7.3:beta
gecad	axigen_mail_server	7.3.1
gecad	axigen_mail_server	7.3.2
gecad	axigen_mail_server	7.3.3
gecad	axigen_mail_server	7.4
gecad	axigen_mail_server	7.4:beta

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://secunia.com/advisories/41430

http://www.axigen.com/press/product-releases/axigen-releases-version-742_74.html

http://www.osvdb.org/68026

http://www.securityfocus.com/bid/43230

http://www.vupen.com/english/advisories/2010/2415

https://exchange.xforce.ibmcloud.com/vulnerabilities/61825

http://secunia.com/advisories/41430

http://www.axigen.com/press/product-releases/axigen-releases-version-742_74.html

http://www.osvdb.org/68026

http://www.securityfocus.com/bid/43230

http://www.vupen.com/english/advisories/2010/2415

https://exchange.xforce.ibmcloud.com/vulnerabilities/61825