← back
CVE-2017-12349

CVE-2017-12349

EPSS 0.9%CWE-79
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.
Affected products
n/a · Cisco UCS Central Software

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-centralhttp://www.securityfocus.com/bid/102018http://www.securitytracker.com/id/1039924