CVE-2012-4983
NONE
Published Dec 5, 201213y ago · Modified Jun 16, 20262w ago
Published Dec 5, 2012 13y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device before 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| forescout | counteract | 6.3.4.10 | any |
References 2
- reactionpenetrationtesting.co.uk http://www.reactionpenetrationtesting.co.uk/forescout-nac-xss.html
- securityfocus.com http://www.securityfocus.com/bid/56688
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.