Test Kennung:	1.3.6.1.4.1.25623.1.0.106603
Kategorie:	CISCO
Titel:	Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability (cisco-sa-20170215-ucm)
Zusammenfassung:	A vulnerability in the web framework of Cisco Unified; Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site; scripting (XSS) attack against a user of the web interface of the affected software.
Beschreibung:	Summary: A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. Vulnerability Insight: The vulnerability is due to insufficient input validation of user-supplied parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. Vulnerability Impact: A successful exploit could allow the attacker to execute arbitrary script in the context of the affected web interface. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3833 BugTraq ID: 96246 http://www.securityfocus.com/bid/96246
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.