← back
CVE-2017-15312

CVE-2017-15312

EPSS 0.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Dec 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) vulnerability in the dashboard module. A remote authenticated attacker could exploit this vulnerability to inject malicious scripts in the affected device.
Affected products
Huawei Technologies Co., Ltd. · SmartCare

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20171201-01-smartcare-en