CVE-2012-3047

Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
ciscoscientific_atlanta_dpc\/epc_3208
-
ciscoscientific_atlanta_dpc\/epc2100
-
ciscoscientific_atlanta_dpc\/epc2202
-
ciscoscientific_atlanta_dpc\/epc2203
-
ciscoscientific_atlanta_dpc\/epc2325
-
ciscoscientific_atlanta_dpc\/epc2425
-
ciscoscientific_atlanta_dpc\/epc2434
-
ciscoscientific_atlanta_dpc\/epc2505
-
ciscoscientific_atlanta_dpc\/epc3010
-
ciscoscientific_atlanta_dpc\/epc3212
-
ciscoscientific_atlanta_dpc2420
-
ciscoscientific_atlanta_dpc3000\/epc3000
-
ciscoscientific_atlanta_dpc3008\/epc3008
-
ciscoscientific_atlanta_dpc3825
-
ciscoscientific_atlanta_dpc3925
-
ciscoscientific_atlanta_dpq\/epq2160
-
ciscoscientific_atlanta_dpq2202
-
ciscoscientific_atlanta_dpq2425
-
ciscoscientific_atlanta_dpq3212
-
ciscoscientific_atlanta_dpq3925
-
ciscoscientific_atlanta_dpr362
-
ciscoscientific_atlanta_dpw700
-
ciscoscientific_atlanta_dpw730
-
ciscoscientific_atlanta_dpw939
-
ciscoscientific_atlanta_dpw941
-
ciscoscientific_atlanta_dpx\/epx2100
-
ciscoscientific_atlanta_dpx\/epx2203
-
ciscoscientific_atlanta_dpx\/epx2203c
-
ciscoscientific_atlanta_dpx100\/120
-
ciscoscientific_atlanta_dpx110
-
ciscoscientific_atlanta_dpx130
-
ciscoscientific_atlanta_dpx213
-
ciscoscientific_atlanta_dpx2213
-
ciscoscientific_atlanta_epc2420
-
ciscoscientific_atlanta_epc3825
-
ciscoscientific_atlanta_epc3925
-
ciscoscientific_atlanta_wag310g
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=26036
http://tools.cisco.com/security/center/viewAlert.x?alertId=26036