Vulnerability-Lookup

CVE-2016-3968 (GCVE-0-2016-3968)

Vulnerability from cvelistv5 – Published: 2016-04-06 18:00 – Updated: 2024-09-16 16:13

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

VAR-201604-0097

Vulnerability from variot - Updated: 2025-04-13 23:18

Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header. (1) corporate/webpages/trafficdiscovery/LiveConnections.jsp of ipFamily Parameters (2) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of ipFamily Parameters (3) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of applicationname Parameters (4) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of username Parameters (5) X-Forwarded-For HTTP header. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected application. This may let the attacker steal cookie-based authentication credentials and launch other attacks. Cyberoam NG series of Unified Threat Management appliances arethe Next-Generation network security appliances that include UTM securityfeatures along with performance required for future networks. The NG seriesfor SMEs are the 'fastest UTMs' made for this segment. The best-in-classhardware along with software to match, enables the NG series to offer unmatchedthroughput speeds, compared to any other UTM appliance in this market segment.This assures support for future IT trends in organizations like high-speedInternet and rising number of devices in organizations – offering future-readysecurity to SMEs.Multiple reflected XSS issues were discovered in Cyberoam NG appliances.Input passed via the 'ipFamily', 'applicationname' and 'username' GET parametersto LiveConnections.jsp and LiveConnectionDetail.jsp is not properly sanitisedbefore being returned to the user. Adding arbitrary 'X-Forwarded-For' HTTP headerto a request makes the appliance also prone to a XSS issue. Sophos Cyberoam CR100iNG UTM, CR35iNG UTM and CR35iNG UTM are all new-generation firewalls running CyberoamOS operating system from British Sophos Company, which provide online application detection and control, web filtering, HTTPS inspection, intrusion prevention and other functions. The vulnerability stems from the fact that the corporate/webpages/trafficdiscovery/LiveConnections.jsp script does not fully filter the 'ipFamily' parameter; the corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp script does not fully filter the 'ipFamily' , 'applicationname', and 'username' parameters; the program did not adequately filter the X-Forwarded-For HTTP header. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201604-0097",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cyberoam cr100ing utm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sophos",
        "version": "10.6.3_mr-1_build_503"
      },
      {
        "model": "cyberoam cr35ing utm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sophos",
        "version": "10.6.2_build_378"
      },
      {
        "model": "cyberoam cr35ing utm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sophos",
        "version": "10.6.2_mr-1_build_383"
      },
      {
        "model": "cyberoam cr100ing utm",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sophos",
        "version": "10.6.3 mr-1 build 503"
      },
      {
        "model": "cyberoam cr35ing utm",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sophos",
        "version": "10.6.2 build 378"
      },
      {
        "model": "cyberoam cr35ing utm",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sophos",
        "version": "10.6.2 mr-1 build 383"
      },
      {
        "model": "cyberoam cr35ing utm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sophos",
        "version": null
      },
      {
        "model": "cyberoam cr100ing utm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sophos",
        "version": null
      },
      {
        "model": "cyberoam ng series multiple cross-site scripting vulnerabilities",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "sophos pvt",
        "version": "fw: 10.6.3 mr-1 (build 503)"
      },
      {
        "model": "cyberoam ng series multiple cross-site scripting vulnerabilities",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "sophos pvt",
        "version": "fw: 10.6.2 mr-1 (build 383)"
      },
      {
        "model": "cyberoam ng series multiple cross-site scripting vulnerabilities",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "sophos pvt",
        "version": "fw: 10.6.2 (build 378)"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:sophos:cyberoam_cr100ing_utm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:sophos:cyberoam_cr35ing_utm_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gjoko Krstic",
    "sources": [
      {
        "db": "BID",
        "id": "85892"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-3968",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2016-3968",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-92787",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2016-3968",
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-3968",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-3968",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201604-036",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2016-5313",
            "trust": 0.1,
            "value": "(2/5)"
          },
          {
            "author": "VULHUB",
            "id": "VHN-92787",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header. (1) corporate/webpages/trafficdiscovery/LiveConnections.jsp of ipFamily Parameters (2) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of ipFamily Parameters (3) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of applicationname Parameters (4) corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp of username Parameters (5) X-Forwarded-For HTTP header. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected application. This may let the attacker steal cookie-based authentication credentials and launch other attacks. Cyberoam NG series of Unified Threat Management appliances arethe Next-Generation network security appliances that include UTM securityfeatures along with performance required for future networks. The NG seriesfor SMEs are the \u0027fastest UTMs\u0027 made for this segment. The best-in-classhardware along with software to match, enables the NG series to offer unmatchedthroughput speeds, compared to any other UTM appliance in this market segment.This assures support for future IT trends in organizations like high-speedInternet and rising number of devices in organizations \u2013 offering future-readysecurity to SMEs.Multiple reflected XSS issues were discovered in Cyberoam NG appliances.Input passed via the \u0027ipFamily\u0027, \u0027applicationname\u0027 and \u0027username\u0027 GET parametersto LiveConnections.jsp and LiveConnectionDetail.jsp is not properly sanitisedbefore being returned to the user. Adding arbitrary \u0027X-Forwarded-For\u0027 HTTP headerto a request makes the appliance also prone to a XSS issue. Sophos Cyberoam CR100iNG UTM, CR35iNG UTM and CR35iNG UTM are all new-generation firewalls running CyberoamOS operating system from British Sophos Company, which provide online application detection and control, web filtering, HTTPS inspection, intrusion prevention and other functions. The vulnerability stems from the fact that the corporate/webpages/trafficdiscovery/LiveConnections.jsp script does not fully filter the \u0027ipFamily\u0027 parameter; the corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp script does not fully filter the \u0027ipFamily\u0027 , \u0027applicationname\u0027, and \u0027username\u0027 parameters; the program did not adequately filter the X-Forwarded-For HTTP header. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "BID",
        "id": "85892"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/cyberoam_xss.txt",
        "trust": 0.1,
        "type": "poc"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-3968",
        "trust": 2.9
      },
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313",
        "trust": 2.6
      },
      {
        "db": "PACKETSTORM",
        "id": "136561",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941",
        "trust": 0.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "85892",
        "trust": 0.4
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2016040025",
        "trust": 0.1
      },
      {
        "db": "VULDB",
        "id": "81644",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "db": "BID",
        "id": "85892"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "id": "VAR-201604-0097",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-13T23:18:00.671000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CR100iNG UTM",
        "trust": 0.8,
        "url": "http://www.cyberoam.com/downloads/datasheet/CyberoamCR100iNG.pdf"
      },
      {
        "title": "CR35iNG UTM",
        "trust": 0.8,
        "url": "http://www.cyberoam.com/downloads/datasheet/CyberoamCR35iNG.pdf"
      },
      {
        "title": "Multiple Sophos Cyberoam Fixes for product cross-site scripting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60771"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2016-5313.php"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/136561/sophos-cyberoam-ng-series-cross-site-scripting.html"
      },
      {
        "trust": 0.9,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3968"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3968"
      },
      {
        "trust": 0.3,
        "url": "http://www.sophos.com/"
      },
      {
        "trust": 0.1,
        "url": "https://docs.cyberoam.com/default.asp?id=447\u0026amp;lang=1\u0026amp;sid="
      },
      {
        "trust": 0.1,
        "url": "https://cxsecurity.com/issue/wlb-2016040025"
      },
      {
        "trust": 0.1,
        "url": "https://packetstormsecurity.com/files/136561"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111980"
      },
      {
        "trust": 0.1,
        "url": "http://vuldb.com/?id.81644"
      },
      {
        "trust": 0.1,
        "url": "http://jvndb.jvn.jp/ja/contents/2016/jvndb-2016-001941.html"
      },
      {
        "trust": 0.1,
        "url": "http://tech.cert-hungary.hu/vulnerabilities/ch-13158"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "db": "BID",
        "id": "85892"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "db": "BID",
        "id": "85892"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-04-04T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "date": "2016-04-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "date": "2016-04-04T00:00:00",
        "db": "BID",
        "id": "85892"
      },
      {
        "date": "2016-04-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "date": "2016-04-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "date": "2016-04-06T18:59:00.120000",
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-04-11T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2016-5313"
      },
      {
        "date": "2016-04-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-92787"
      },
      {
        "date": "2016-04-04T00:00:00",
        "db": "BID",
        "id": "85892"
      },
      {
        "date": "2016-04-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      },
      {
        "date": "2016-04-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2016-3968"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sophos Cyberoam CR100iNG UTM and  CR35iNG UTM Appliance firmware cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001941"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201604-036"
      }
    ],
    "trust": 0.6
  }
}

GHSA-P2WH-4XQW-8C9X

Vulnerability from github – Published: 2022-05-17 03:57 – Updated: 2022-05-17 03:57

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-3968"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-04-06T18:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.",
  "id": "GHSA-p2wh-4xqw-8c9x",
  "modified": "2022-05-17T03:57:26Z",
  "published": "2022-05-17T03:57:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3968"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html"
    },
    {
      "type": "WEB",
      "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2016-3968

Vulnerability from fkie_nvd - Published: 2016-04-06 18:59 - Updated: 2025-04-12 10:46

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html	Exploit
cve@mitre.org	http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php

Impacted products

Vendor	Product	Version
sophos	cyberoam_cr100ing_utm	-
sophos	cyberoam_cr100ing_utm_firmware	10.6.3_mr-1_build_503
sophos	cyberoam_cr35ing_utm	-
sophos	cyberoam_cr35ing_utm_firmware	10.6.2_build_378
sophos	cyberoam_cr35ing_utm_firmware	10.6.2_mr-1_build_383

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sophos:cyberoam_cr100ing_utm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5F8E8C-782B-4A5A-A42A-37C6FFDA0F64",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sophos:cyberoam_cr100ing_utm_firmware:10.6.3_mr-1_build_503:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1815694-3DBE-409D-9500-F03F6A9C8E93",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sophos:cyberoam_cr35ing_utm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66ADACF6-69F0-4266-AEB5-1C3527028629",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sophos:cyberoam_cr35ing_utm_firmware:10.6.2_build_378:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DC9F6ED-B657-4FD9-BB1A-840B01A8E006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sophos:cyberoam_cr35ing_utm_firmware:10.6.2_mr-1_build_383:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A26058D-1707-4487-AF46-C0F8EC959368",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de XSS en dispositivos Sophos Cyberoam CR100iNG UTM con firmware 10.6.3 MR-1 build 503, dispositivos CR35iNG UTM con firmware 10.6.2 MR-1 build 383 y dispositivos CR35iNG UTM con firmware 10.6.2 Build 378 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro (1) ipFamily en corporate/webpages/trafficdiscovery/LiveConnections.jsp; el par\u00e1metro (2) ipFamily, (3) applicationname o (4) username en corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; o (5) la cabecera X-Forwarded-For HTTP."
    }
  ],
  "id": "CVE-2016-3968",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-06T18:59:00.120",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-3968

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-3968

Aliases

CVE-2016-3968

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-3968",
    "description": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.",
    "id": "GSD-2016-3968"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-3968"
      ],
      "details": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header.",
      "id": "GSD-2016-3968",
      "modified": "2023-12-13T01:21:27.489027Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-3968",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php",
            "refsource": "MISC",
            "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php"
          },
          {
            "name": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sophos:cyberoam_cr100ing_utm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sophos:cyberoam_cr100ing_utm_firmware:10.6.3_mr-1_build_503:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sophos:cyberoam_cr35ing_utm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sophos:cyberoam_cr35ing_utm_firmware:10.6.2_mr-1_build_383:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:sophos:cyberoam_cr35ing_utm_firmware:10.6.2_build_378:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-3968"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance with firmware 10.6.3 MR-1 build 503, CR35iNG UTM appliance with firmware 10.6.2 MR-1 build 383, and CR35iNG UTM appliance with firmware 10.6.2 Build 378 allow remote attackers to inject arbitrary web script or HTML via the (1) ipFamily parameter to corporate/webpages/trafficdiscovery/LiveConnections.jsp; the (2) ipFamily, (3) applicationname, or (4) username parameter to corporate/webpages/trafficdiscovery/LiveConnectionDetail.jsp; or the (5) X-Forwarded-For HTTP header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php"
            },
            {
              "name": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.com/files/136561/Sophos-Cyberoam-NG-Series-Cross-Site-Scripting.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2016-04-07T19:07Z",
      "publishedDate": "2016-04-06T18:59Z"
    }
  }
}

CNVD-2016-02079

Vulnerability from cnvd - Published: 2016-04-08

Title

Sophos Cyberoam多个产品跨站脚本漏洞

Description

Sophos Cyberoam UTM及NGFW设备是统一威胁管理及下一代防火墙产品。 Sophos Cyberoam多个产品存在跨站脚本漏洞，远程攻击者利用这些漏洞可注入任意Web脚本或HTML。

Severity

中

Patch Name

Sophos Cyberoam多个产品跨站脚本漏洞的补丁

Patch Description

Sophos Cyberoam UTM及NGFW设备是统一威胁管理及下一代防火墙产品。 Sophos Cyberoam多个产品存在跨站脚本漏洞，远程攻击者利用这些漏洞可注入任意Web脚本或HTML。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php

Reference

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php

Impacted products

Name
['Sophos CR100iNG, FW 10.6.3 MR-1 (Build 503)', 'Sophos CR35iNG, FW 10.6.2 MR-1 (Build 383)', 'Sophos CR35iNG, FW 10.6.2 (Build 378)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3968"
    }
  },
  "description": "Sophos Cyberoam UTM\u53caNGFW\u8bbe\u5907\u662f\u7edf\u4e00\u5a01\u80c1\u7ba1\u7406\u53ca\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\nSophos Cyberoam\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u6ce8\u5165\u4efb\u610fWeb\u811a\u672c\u6216HTML\u3002",
  "discovererName": "Gjoko Krstic \uff08liquidworm@gmail.com\uff09",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-02079",
  "openTime": "2016-04-08",
  "patchDescription": "Sophos Cyberoam UTM\u53caNGFW\u8bbe\u5907\u662f\u7edf\u4e00\u5a01\u80c1\u7ba1\u7406\u53ca\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\nSophos Cyberoam\u591a\u4e2a\u4ea7\u54c1\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u6ce8\u5165\u4efb\u610fWeb\u811a\u672c\u6216HTML\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Sophos Cyberoam\u591a\u4e2a\u4ea7\u54c1\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Sophos CR100iNG, FW 10.6.3 MR-1 (Build 503)",
      "Sophos CR35iNG, FW 10.6.2 MR-1 (Build 383)",
      "Sophos CR35iNG, FW 10.6.2 (Build 378)"
    ]
  },
  "referenceLink": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5313.php",
  "serverity": "\u4e2d",
  "submitTime": "2016-04-07",
  "title": "Sophos Cyberoam\u591a\u4e2a\u4ea7\u54c1\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-3968 (GCVE-0-2016-3968)

VAR-201604-0097

GHSA-P2WH-4XQW-8C9X

FKIE_CVE-2016-3968

GSD-2016-3968

CNVD-2016-02079

Tags

Sightings

Nomenclature