6 matches found
CVE-2019-16015
The CVE-2019-16015 affects Cisco Data Center Analytics Framework (DCAF) — specifically the web-based management interface. The issue is a reflected cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker could lure a u...
CVE-2018-0145
CVE-2018-0145 affects Cisco Data Center Analytics Framework (DCAF) web-based management interface. Vulnerability: reflected cross-site scripting (XSS) due to insufficient input validation. Condition: unauthenticated, remote attacker can lure a user to click a malicious link, enabling arbitrary sc...
CVE-2018-0129
CVE-2018-0129 is a reflected cross-site scripting (XSS) vulnerability in Cisco Data Center Analytics Framework (DCAF) web-based management interface. Unauthenticated, remote attacker could lure a user to click a crafted link, triggering arbitrary script execution in the user’s browser context or ...
CVE-2018-0146
The CVE-2018-0146 entry describes a cross-site request forgery (CSRF) vulnerability in the Cisco Data Center Analytics Framework (DCAF) application. An unauthenticated, remote attacker could induce a user to click a crafted link and submit arbitrary requests, enabling unauthorized actions on beha...
CVE-2018-0128
Cisco Data Center Analytics Framework (DCAF) web-based management interface is affected by CVE-2018-0128, a stored cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input. An unauthenticated remote attacker could entice a user to click a crafted link, ena...
CVE-2015-4189
Cisco Data Center Analytics Framework (DCAF) 1.4 contains a Cross-Site Request Forgery (CSRF) vulnerability that could allow remote attackers to hijack the authentication of arbitrary users (Bug ID CSCun26807). Affected product: DCAF 1.4. Root cause: CSRF protection insufficiency enabling unautho...