{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-03T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-08T14:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31998"}, {"name": "55954", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/55954"}, {"name": "1029425", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029425"}, {"name": "20131203 Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6690"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2013-6690", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31998", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31998"}, {"name": "55954", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/55954"}, {"name": "1029425", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029425"}, {"name": "20131203 Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6690"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2013-6690", "datePublished": "2013-12-03T19:00:00", "dateReserved": "2013-11-07T00:00:00", "dateUpdated": "2014-01-08T14:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_collaboration:-:*:*:*:*:*:*:*", "matchCriteriaId": "D132E7DF-3B63-4A2A-AE65-C5F90CCF3878", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades cross-site scripting (XSS) en la interfaz web del componente Assurance de Cisco Prime Collaboration permite a atacantes remotos inyectar scripts web o HTML arbitrarios a trav\u00e9s de vectores no espcificados, tambi\u00e9n conocido como Bug IDs CSCui92643, y CSCui94161."}], "id": "CVE-2013-6690", "lastModified": "2016-09-15T19:14:17.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-12-03T19:56:32.203", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/55954"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6690"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31998"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029425"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}