Lucene search
CiscoCISCO-SA-20171129-UCS-CENTRALHistoryNov 29, 2017 - 4:00 p.m.
Multiple Vulnerabilities in Cisco UCS Central Software
2017-11-2916:00:00
tools.cisco.com
17
0.001 Low
EPSS
Percentile
34.7%
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface.
For more information about these vulnerabilities, see the βDetailsβ section of this security advisory.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-central [βhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-centralβ]
Affected configurations
Node
ciscounified_computing_system_central_softwareMatchany
ORciscounified_computing_system_central_softwareMatchany
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco unified computing system central software | eq | any | |
| cisco unified computing system central software | eq | any |
Related
prion
prion
Cross site scripting
2017-11-30 09:29:00
Cross site scripting
2017-11-30 09:29:00
cvelist
cvelist
CVE-2017-12348
2017-11-30 09:00:00
CVE-2017-12349
2017-11-30 09:00:00
nvd
nvd
CVE-2017-12349
2017-11-30 09:29:00
CVE-2017-12348
2017-11-30 09:29:00
cve
cve
CVE-2017-12348
2017-11-30 09:29:00
CVE-2017-12349
2017-11-30 09:29:00