Kwetsbaarheid CVE-2018-15457

A Vulnerability In The Web-based Management Interface Of Cisco Prime Infrastructure Could Allow An Unauthenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of The Web-based Management Interface Of An Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of The Affected System. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Maliciously Crafted Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Affected Interface Or Access Sensitive, Browser-based Information.

Algemeen

CVE
CVE-2018-15457
Leverancier(s) betrokken
Omschrijving
A Vulnerability In The Web-based Management Interface Of Cisco Prime Infrastructure Could Allow An Unauthenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of The Web-based Management Interface Of An Affected System. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of The Affected System. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Maliciously Crafted Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Affected Interface Or Access Sensitive, Browser-based Information.
Publicatie
Donderdag, 10 Januari 2019
Gewijzigd
Vrijdag, 11 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE