Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.106901
Kategorie:CISCO
Titel:Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability
Zusammenfassung:A vulnerability in the web framework code of Cisco Prime Infrastructure;could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of;the web interface of an affected system.
Beschreibung:Summary:
A vulnerability in the web framework code of Cisco Prime Infrastructure
could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of
the web interface of an affected system.

Vulnerability Insight:
The vulnerability is due to insufficient input validation of some
parameters passed to the web server. An attacker could exploit this vulnerability by convincing a user to access
a malicious link or by intercepting a user request and injecting malicious code into the request.

Vulnerability Impact:
An exploit could allow the attacker to execute arbitrary script code in the
context of the affected site or allow the attacker to access sensitive browser-based information.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-6724
BugTraq ID: 99203
http://www.securityfocus.com/bid/99203
http://www.securitytracker.com/id/1038751
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.