Test Kennung:	1.3.6.1.4.1.25623.1.0.106167
Kategorie:	CISCO
Titel:	Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability
Zusammenfassung:	A vulnerability in the web interface of Cisco Prime Infrastructure;could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack.;;This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability;by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. An exploit could;allow the attacker to conduct clickjacking or other client-side browser attacks.
Beschreibung:	Summary: A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. An exploit could allow the attacker to conduct clickjacking or other client-side browser attacks. Solution: Upgrade to Cisco Prime Infrastructure version 3.1(1) or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1474 BugTraq ID: 92278 http://www.securityfocus.com/bid/92278 Cisco Security Advisory: 20160803 Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-cpi http://www.securitytracker.com/id/1036530
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.