Lucene search
K

1098 matches found

CVE
CVE
added 2018/03/08 7:0 a.m.57 views

CVE-2018-0219

The CVE-2018-0219 issue affects Cisco Unified Computing System (UCS) Director in its web-based management interface. The root cause is insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to cause a cross-site scripting (XSS) condition by tricking a user in...

6.1CVSS5.9AI score0.01783EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/03/08 7:0 a.m.10 views

CVE-2018-0144

A vulnerability in the web-based management interface of Cisco Prime Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6AI score0.01783EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/03/08 7:0 a.m.8 views

CVE-2018-0220

A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

6AI score0.00678EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/08 7:0 a.m.24 views

CVE-2018-0208

A vulnerability in the web-based management interface of the cloud based Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is...

5.3AI score0.00835EPSS
Exploits0References2
CVE
CVE
added 2018/03/08 7:0 a.m.63 views

CVE-2018-0210

Cisco Data Center Network Manager (DCNM) contains a CSRF vulnerability that could allow an unauthenticated, remote attacker to cause arbitrary actions on an affected device by inducing a user to click a crafted link. The issue stems from insufficient CSRF protections in the web-based management i...

8.8CVSS9AI score0.01215EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/03/08 7:0 a.m.52 views

CVE-2018-0208

CVE-2018-0208 affects Cisco Registered Envelope Service (cloud based) web-based management interface. The issue is insufficient validation of user-supplied input, enabling an authenticated, remote attacker to perform cross-site scripting (XSS) against a user of the interface. Exploitation require...

5.4CVSS5.3AI score0.00835EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/03/08 7:0 a.m.23 views

CVE-2018-0220

A vulnerability in the web-based management interface of Cisco Videoscape AnyRes Live could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient...

5.3AI score0.00678EPSS
Exploits0References2
NVD
NVD
added 2018/02/22 12:29 a.m.18 views

CVE-2018-0148

A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller IMC Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected...

8.8CVSS8.9AI score0.00847EPSS
Exploits0References3
NVD
NVD
added 2018/02/22 12:29 a.m.17 views

CVE-2018-0206

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

6.1CVSS6AI score0.01244EPSS
Exploits0References3
CVE
CVE
added 2018/02/22 12:0 a.m.59 views

CVE-2018-0148

CVE-2018-0148 affects Cisco UCS Director Software and Cisco IMC Supervisor Software, where the web-based management interface is vulnerable to cross-site request forgery (CSRF). An unauthenticated, remote attacker can induce an authenticated user to click a malicious link, enabling arbitrary acti...

8.8CVSS8.8AI score0.00847EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/02/22 12:0 a.m.77 views

CVE-2018-0206

The CVE affects Cisco Unified Communications Manager (CUCM) web-based management interface. It stems from insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to trigger a reflected cross-site scripting (XSS) attack by guiding a user to click a crafted link...

6.1CVSS6AI score0.01244EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/02/08 7:0 a.m.49 views

CVE-2018-0129

CVE-2018-0129 is a reflected cross-site scripting (XSS) vulnerability in Cisco Data Center Analytics Framework (DCAF) web-based management interface. Unauthenticated, remote attacker could lure a user to click a crafted link, triggering arbitrary script execution in the user’s browser context or ...

6.1CVSS5.9AI score0.00885EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2018/02/07 4:0 p.m.24 views

Cisco Data Center Analytics Framework Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due t...

6.1CVSS1.6AI score0.00885EPSS
Exploits0References1
Prion
Prion
added 2018/01/18 6:29 a.m.19 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet PoE and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attac...

4.3CVSS6AI score0.00868EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/01/18 6:0 a.m.26 views

CVE-2018-0091

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

6AI score0.0122EPSS
Exploits0References3
CVE
CVE
added 2018/01/18 6:0 a.m.57 views

CVE-2018-0091

Cisco ISE DOM-based XSS (CVE-2018-0091) affects the web-based management interface of Cisco Identity Services Engine. The vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attacker to entice a user to click a malicious link and run arbit...

6.1CVSS5.9AI score0.0122EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2018/01/17 4:0 p.m.38 views

Cisco WAP150 Wireless Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet PoE and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attac...

6.1CVSS1.6AI score0.00868EPSS
Exploits0References1
Cisco
Cisco
added 2018/01/17 4:0 p.m.41 views

Cisco Identity Services Engine DOM Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

6.1CVSS1.7AI score0.0122EPSS
Exploits0References1
CVE
CVE
added 2018/01/11 9:0 a.m.49 views

CVE-2018-0118

The CVE-2018-0118 issue affects the web-based management interface of Cisco Unified Communications Manager, where insufficient validation of user-supplied input enables an unauthenticated, remote attacker to perform cross-site scripting (XSS) by persuading a user to click a crafted link. The impa...

6.1CVSS6AI score0.01729EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2018/01/10 4:0 p.m.57 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

6.1CVSS2AI score0.01729EPSS
Exploits0References1
Rows per page
Query Builder