Enviar #156: Unauthenticated persistent cross-site scripting injection into the administrative console of CISCO ISE web application via DHCP requestinformación

TítuloUnauthenticated persistent cross-site scripting injection into the administrative console of CISCO ISE web application via DHCP request
DescripciónAn unauthenticated attacker who is able to inject a specially crafted DHCP request packet into the network controlled by Cisco Identify Service Engine (ISE), is able to persistently store code (e. g.JavaScript), which is executed in the context of the Web-browser accessing the Web-based management interface. CVE-2020-3156 Max Moser/Katharina Maennle
Fuente⚠️ https://www.modzero.com/advisories/MZ-19-03-CISCO-ISE.txt
Usuario
 misc (UID 3)
Sumisión2020-02-19 20:38 (hace 6 años)
Moderación2020-08-10 10:43 (6 months later)
EstadoAceptado
Entrada de VulDB150363 [Cisco Identity Services Engine Log Almacenado secuencias de comandos en sitios cruzados]
Puntos19

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!