CVE-2026-20085 in Enterprise NFV Infrastructure Softwareinfo

Zusammenfassung (Englisch)

A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.

This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

cisco

Reservieren

08.10.2025

Veröffentlichung

01.04.2026

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
354725Cisco Enterprise NFV Infrastructure Software Web-based Management Cross Site Scripting79Nicht definiertOffizieller FixCVE-2026-20085

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!