Lucene search
CiscoCVELIST:CVE-2017-6789HistorySep 07, 2017 - 9:00 p.m.
CVE-2017-6789
2017-09-0721:00:00
CWE-79
cisco
www.cve.org
3
EPSS
0.001
Percentile
47.3%
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The vulnerability occurs because user-supplied data in the DOM input is not validated. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious DOM statements to the affected system. A successful exploit could allow the attacker to affect the integrity of the system by manipulating the database. Known Affected Releases 11.0(1)ES10. Cisco Bug IDs: CSCvf18325.
CNA Affected
[
{
"product": "Cisco Unified Intelligence Center",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Unified Intelligence Center"
}
]
}
]Related
nessus
nessus
Cisco Unified Intelligence Center Cross-Site Scripting Vulnerability
2019-10-11 00:00:00
cisco
cisco
Cisco Unified Intelligence Center Cross-Site Scripting Vulnerability
2017-09-06 16:00:00
cve
cve
CVE-2017-6789
2017-09-07 21:29:00
prion
prion
Cross site scripting
2017-09-07 21:29:00
nvd
nvd
CVE-2017-6789
2017-09-07 21:29:00