CVE-2014-2116

CWE-20 — Improper Input Validation4 documents4 sources

Severity

4.3MEDIUM

EPSS

0.4%

top 40.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Emergency Responder

Timeline

PublishedApr 4

Latest updateMay 17

Description

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/emergency_responder8.6

🔴Vulnerability Details

GHSA

GHSA-cjqp-v2q3-jxjg: Cisco Emergency Responder (ER) 8↗2022-05-17

▶

CVEList

CVE-2014-2116: Cisco Emergency Responder (ER) 8↗2014-04-04

▶

📋Vendor Advisories

Cisco

Cisco Emergency Responder Dynamic Content Modification Vulnerability↗2014-04-03

▶