QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12221

Back to search

CVE-2017-12221

Published: Sep 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the affected software. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the affected system. Cisco Bug IDs: CSCvc38983.

VendorProductVersions

n/a

Cisco Firepower Management Center

affected
Cisco Firepower Management Center

Weaknesses (CWE)

CWE-79

References

100640
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now