Cisco Secure Network Analytics Cross-Site Scripting Vulnerability

Cisco Secure Network Analytics is one of the most comprehensive visibility and network traffic analysis (Nta)/network detection and response (Ndr) solutions from Cisco. A cross-site scripting vulnerability exists in versions prior to Cisco Secure Network Analytics 2.1.1, which provides continuous, real-time monitoring and universal view of all network traffic. The vulnerability stems from inadequate validation of user-supplied input by the Web’s management interface. An unauthenticated, remote attacker could exploit the vulnerability to execute arbitrary scripting code or access sensitive browser-based information.