Kwetsbaarheid CVE-2018-15467

A Vulnerability In The Web-based Management Interface Of Cisco TelePresence Management Suite (TMS) Could Allow An Unauthenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of The Web-based Management Interface Of An Affected Device. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of An Affected Device. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Crafted Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Interface Or Allow The Attacker To Access Sensitive Browser-based Information.

Algemeen

CVE
CVE-2018-15467
Leverancier(s) betrokken
Omschrijving
A Vulnerability In The Web-based Management Interface Of Cisco TelePresence Management Suite (TMS) Could Allow An Unauthenticated, Remote Attacker To Conduct A Cross-site Scripting (XSS) Attack Against A User Of The Web-based Management Interface Of An Affected Device. The Vulnerability Is Due To Insufficient Validation Of User-supplied Input By The Web-based Management Interface Of An Affected Device. An Attacker Could Exploit This Vulnerability By Persuading A User Of The Interface To Click A Crafted Link. A Successful Exploit Could Allow The Attacker To Execute Arbitrary Script Code In The Context Of The Interface Or Allow The Attacker To Access Sensitive Browser-based Information.
Publicatie
Vrijdag, 11 Januari 2019
Gewijzigd
Zaterdag, 12 Januari 2019 15:00
Ernst

Referenties

Modificatie geschiedenis

Geef hieronder je email adres op en word op de hoogte gehouden van aanpassingen aan deze CVE