Vulnerabilities > Cisco > Transport Gateway Installation Software > 4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2014-08-29	CVE-2014-3346	Improper Input Validation vulnerability in Cisco Transport Gateway Installation Software 4.0 The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) does not validate an unspecified parameter, which allows remote authenticated users to cause a denial of service (service crash) via a crafted string, aka Bug ID CSCuq31819. network cisco CWE-20	6.3
2014-08-28	CVE-2014-3345	Permissions, Privileges, and Access Controls vulnerability in Cisco Transport Gateway Installation Software 4.0 The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503. network low complexity cisco CWE-264	5.0
2014-08-28	CVE-2014-3344	Cross-Site Scripting vulnerability in Cisco Transport Gateway Installation Software 4.0 Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. network cisco CWE-79	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.