CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2017/11/30 9:29 a.m.•15 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs:...

3.5CVSS5.3AI score0.00891EPSS

Cvelist•added 2017/11/30 9:0 a.m.•31 views

CVE-2017-12356

A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...

5.9AI score0.0122EPSS

Exploits0References3

CVE•added 2017/11/30 9:0 a.m.•61 views

CVE-2017-12357

The CVE-2017-12357 issue affects Cisco Unified Communications Manager (CUCM) web-based administration interface. The vulnerability stems from improper validation of user-supplied input in the web UI, enabling an authenticated, remote attacker to persuade a user to click a crafted link and trigger...

5.4CVSS5.2AI score0.00891EPSS

CVE•added 2017/11/30 9:0 a.m.•82 views

CVE-2017-12358

Cisco Jabber’s web-based management interface (Windows, Mac, Android, iOS) contains an XSS vulnerability due to insufficient input validation. An authenticated, remote attacker could entice a user to click a malicious link, potentially executing arbitrary script code in the interface or accessing...

5.4CVSS5.2AI score0.00642EPSS

Exploits0References2Affected Software1

Cisco•added 2017/11/29 4:0 p.m.•39 views

Cisco Jabber Clients Cross-Site Scripting Vulnerability

6.1CVSS5.9AI score0.0122EPSS

Cisco•added 2017/11/29 4:0 p.m.•35 views

Multiple Vulnerabilities in Cisco UCS Central Software

5.4CVSS5.4AI score0.00891EPSS

Cisco•added 2017/11/29 4:0 p.m.•41 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

5.4CVSS5.3AI score0.00891EPSS

Prion•added 2017/11/16 7:29 a.m.•13 views

Cross site scripting

Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...

4.3CVSS6.2AI score0.00868EPSS

CVE•added 2017/11/16 7:0 a.m.•59 views

CVE-2017-12304

CVE-2017-12304 affects Cisco IOS and IOS XE Software via the IOSd web-based management interface. The root cause is insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to craft a link that a user must click, potentially allowing arbitrary script execution ...

6.1CVSS6AI score0.0122EPSS

CVE•added 2017/11/16 7:0 a.m.•45 views

CVE-2017-12292

Cisco Registered Envelope Service (cloud-based) web interface contains multiple cross-site scripting (XSS) vulnerabilities due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could lure a user via a malicious link or crafted HTTP request to execute arbitrary...

6.1CVSS6.1AI score0.00868EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/11/16 7:0 a.m.•17 views

CVE-2017-12290

6.2AI score0.00868EPSS

Cvelist•added 2017/11/16 7:0 a.m.•21 views

CVE-2017-12292

6.2AI score0.00868EPSS

Cvelist•added 2017/11/16 7:0 a.m.•16 views

CVE-2017-12291

6.2AI score0.00868EPSS

NVD•added 2017/10/19 8:29 a.m.•13 views

CVE-2017-12288

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to insufficient validation of user-supplied inp...

6.1CVSS6AI score0.0122EPSS

Exploits0References3

Tenable Nessus•added 2017/09/13 12:0 a.m.•33 views

Cisco Firepower Management Center Multiple XSS

The version of Cisco Firepower Management Center installed on the remote host is equal or prior to 6.0.1.3. It is, therefore, affected by multiple cross-site scripting vulnerabilities: - A reflected cross-site scripting vulnerability in the web-based management interface due to improper validatio...

6.1CVSS6AI score0.01086EPSS

Exploits0References4

Prion•added 2017/08/07 6:29 a.m.•17 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Jabber Guest Server 10.69, 11.00, and 11.01 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerability ...

4.3CVSS6AI score0.01234EPSS

Exploits0References4Affected Software1

OpenVAS•added 2017/08/03 12:0 a.m.•22 views

Cisco Adaptive Security Appliance Authenticated Cross-Site Scripting Vulnerability (cisco-sa-20170802-asa)

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance ASA could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Copyright C 2017 Greenbone Networks...

5.4CVSS5.3AI score0.00902EPSS