CVE-2022-31734

 

Published at: - 20-06-2022 12:15

Last modified: - 27-06-2022 08:43

Total changes: - 2

Description

** Unsupported When Assigned ** Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc. contain a reflected cross-site scripting vulnerability regarding error page generation. An arbitrary script may be executed on the web browser of the user who is using the product. The affected firmware is prior to 12.2(50)SY released in 2011, and Cisco Catalyst 2940 Series Switches have been retired since January 2015.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

 

Verification logic

 

Reference

• https://jvn.jp/en/jp/JVN94363766/index.html
• https://www.cisco.com/c/en/us/obsolete/switches/cisco-catalyst-2940-series-switches.html

 

Keywords

NVD

 

CVE-2022-31734

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures