Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105774 |
Categoría: | CISCO |
Título: | Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability |
Resumen: | A vulnerability in the HTTP framework of Cisco Firepower Management Center; could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an; affected device.;; The vulnerability is due to insufficient filtering of output data. An attacker could exploit this; vulnerability by persuading a user to follow a link to a malicious site or by intercepting a user; request and injecting malicious code into the request. A successful exploit could allow the attacker; to execute arbitrary script in the context of the site or access sensitive browser-based information.;; Cisco has not released software updates that address this vulnerability. There are no workarounds; that address this vulnerability. |
Descripción: | Summary: A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an affected device. The vulnerability is due to insufficient filtering of output data. An attacker could exploit this vulnerability by persuading a user to follow a link to a malicious site or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script in the context of the site or access sensitive browser-based information. Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-1431 Cisco Security Advisory: 20160617 Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |