CVE-ID |
CVE-2017-6782
|
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
|
Description |
A vulnerability in the administrative web interface of Cisco Prime
Infrastructure could allow an authenticated, remote attacker to modify
a page in the web interface of the affected application. The
vulnerability is due to improper sanitization of parameter values by
the affected application. An attacker could exploit this vulnerability
by injecting malicious code into an affected parameter and persuading
a user to access a web page that triggers the rendering of the
injected code. Cisco Bug IDs: CSCve47074. Known Affected Releases:
3.2(0.0).
|
References |
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
|
|
Assigning CNA |
Cisco Systems, Inc. |
Date Entry Created |
20170309 |
Disclaimer: The entry creation date may reflect when
the CVE ID was allocated or reserved, and does not
necessarily indicate when this vulnerability was
discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.
|
Phase (Legacy) |
Assigned (20170309) |
Votes (Legacy) |
|
Comments (Legacy) |
|
Proposed (Legacy) |
N/A |
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities. |
|
For More Information: cve@mitre.org
|