Kwetsbaarheid CVE-2018-0482

A Vulnerability In The Web-based Management Interface Of Cisco Prime Network Control System Could Allow An Authenticated, Remote Attacker To Conduct A Stored Cross-site Scripting (XSS) Attack Against A User Of The Web Interface Of The Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of An Affected Device. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Malicious Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Web-based Management Interface Or Allow The Attacker To Access Sensitive Browser-based Information.

Algemeen

CVE
CVE-2018-0482
Leverancier(s) betrokken
Omschrijving
A Vulnerability In The Web-based Management Interface Of Cisco Prime Network Control System Could Allow An Authenticated, Remote Attacker To Conduct A Stored Cross-site Scripting (XSS) Attack Against A User Of The Web Interface Of The Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of An Affected Device. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Malicious Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Web-based Management Interface Or Allow The Attacker To Access Sensitive Browser-based Information.
Publicatie
Donderdag, 10 Januari 2019
Gewijzigd
Vrijdag, 11 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE