CVE-2014-2116

Published: Apr 4, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.

Affected (1)

Products: Cisco: Emergency Responder

Cisco

1 product

Emergency Responder

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Emergency Responder	Up to 8.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2116

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=33641

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/66632

Source: psirt@cisco.com

http://www.securitytracker.com/id/1030019

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2116

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=33641

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/66632

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030019

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.