← voltar
CVE-2017-6782

CVE-2017-6782

EPSS 0.9%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.9%KEV nãoPoC Patch referenciado
Ciclo de vida
17 ago 2017Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application. The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code. Cisco Bug IDs: CSCve47074. Known Affected Releases: 3.2(0.0).
Produtos afetados
Cisco Systems, Inc. · Prime Infrastructure

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpihttp://www.securityfocus.com/bid/100366http://www.securitytracker.com/id/1039189