CVE-2017-12349

Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	MEDIUM
CVSS	5.4
EPSS	0.24% EPSS low
CWE	CWE-79
KEV
Published	8 years ago
Modified	1 week ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Unified Computing System Central Software	cisco-sa-20171129-ucs-central	structured affected CSAF product_status