QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12348

Back to search

CVE-2017-12348

Published: Nov 30, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.

VendorProductVersions

n/a

Cisco UCS Central Software

affected
Cisco UCS Central Software

Weaknesses (CWE)

CWE-79

References

102018
vdb-entry
x_refsource_BID
1039924
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now