CVE-2022-20626 in Prime Access Registrarinfo

Zusammenfassung

von MITRE • 15.11.2024

A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Zuständig

Cisco

Reservieren

02.11.2021

Veröffentlichung

15.11.2024

Moderieren

akzeptiert

Eintrag

VDB-284774

CPE

bereit

EPSS

0.00436

KEV

nein

Aktivitäten

very low

Quellen

Interested in the pricing of exploits?

See the underground prices here!