CVE-2008-5869 - Vulnerability Details

Vendors	Products
Proxim	Tsunami Mp.11 2411

Link	Providers
http://securityreason.com/securityalert/4884
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24
http://www.securityfocus.com/archive/1/497182/100/0/threaded
http://www.securityfocus.com/bid/31666
https://exchange.xforce.ibmcloud.com/vulnerabilities/45797

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-09T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "tsunamimp11-systemsysname0-xss(45797)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45797"}, {"name": "31666", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31666"}, {"tags": ["x_refsource_MISC"], "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24"}, {"name": "20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/497182/100/0/threaded"}, {"name": "4884", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4884"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5869", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "tsunamimp11-systemsysname0-xss(45797)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45797"}, {"name": "31666", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31666"}, {"name": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24", "refsource": "MISC", "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24"}, {"name": "20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/497182/100/0/threaded"}, {"name": "4884", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4884"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:13:12.993Z"}, "title": "CVE Program Container", "references": [{"name": "tsunamimp11-systemsysname0-xss(45797)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45797"}, {"name": "31666", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31666"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24"}, {"name": "20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/497182/100/0/threaded"}, {"name": "4884", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4884"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5869", "datePublished": "2009-01-08T18:13:00", "dateReserved": "2009-01-08T00:00:00", "dateUpdated": "2024-08-07T11:13:12.993Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2008-10-09T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-11T19:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : tsunamimp11-systemsysname0-xss(45797) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/45797 (string)

}

1 : { »

name : 31666 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/31666 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

}

3 : { »

name : 20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/497182/100/0/threaded (string)

}

4 : { »

name : 4884 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

]

url : http://securityreason.com/securityalert/4884 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2008-5869 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : tsunamimp11-systemsysname0-xss(45797) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/45797 (string)

}

1 : { »

name : 31666 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/31666 (string)

}

2 : { »

name : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

refsource : MISC (string)

url : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

}

3 : { »

name : 20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/497182/100/0/threaded (string)

}

4 : { »

name : 4884 (string)

refsource : SREASON (string)

url : http://securityreason.com/securityalert/4884 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T11:13:12.993Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : tsunamimp11-systemsysname0-xss(45797) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/45797 (string)

}

1 : { »

name : 31666 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/31666 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

}

3 : { »

name : 20081009 PR08-24: Proxim Tsunami MP.11 2411 vulnerable to SNMP Injection (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/497182/100/0/threaded (string)

}

4 : { »

name : 4884 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

2 : x_transferred (string)

]

url : http://securityreason.com/securityalert/4884 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2008-5869 (string)

datePublished : 2009-01-08T18:13:00 (string)

dateReserved : 2009-01-08T00:00:00 (string)

dateUpdated : 2024-08-07T11:13:12.993Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:proxim:tsunami_mp.11_2411:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "11EA2AD4-00A0-4367-9192-B3781C831C1B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID."}, {"lang": "es", "value": "Vulnerablidad de secuencias de comandos en sitios cruzados (XSS) en el software empotrado (firmware) Proxim Wireless Tsunami MP.11 2411 v3.0.3 permite a usuarios remotos autenticados inyectar web script o HTML a trav\u00e9s de system.sysName.0 SNMP OID."}], "id": "CVE-2008-5869", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-01-08T18:30:04.733", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4884"}, {"source": "cve@mitre.org", "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/497182/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/31666"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45797"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/4884"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/497182/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/31666"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45797"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:proxim:tsunami_mp.11_2411:3.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 11EA2AD4-00A0-4367-9192-B3781C831C1B (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID. (string)

}

1 : { »

lang : es (string)

value : Vulnerablidad de secuencias de comandos en sitios cruzados (XSS) en el software empotrado (firmware) Proxim Wireless Tsunami MP.11 2411 v3.0.3 permite a usuarios remotos autenticados inyectar web script o HTML a través de system.sysName.0 SNMP OID. (string)

}

]

id : CVE-2008-5869 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

}

published : 2009-01-08T18:30:04.733 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://securityreason.com/securityalert/4884 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/archive/1/497182/100/0/threaded (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.securityfocus.com/bid/31666 (string)

}

4 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/45797 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://securityreason.com/securityalert/4884 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-24 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/archive/1/497182/100/0/threaded (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.securityfocus.com/bid/31666 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/45797 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-79 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object