| 제목 | Unauthenticated persistent cross-site scripting injection into the administrative console of CISCO ISE web application via DHCP request |
|---|
| 설명 | An unauthenticated attacker who is able to inject a specially crafted DHCP request packet into the network controlled by Cisco Identify
Service Engine (ISE), is able to persistently store code (e. g.JavaScript), which is executed in the context of the Web-browser accessing the Web-based management interface.
CVE-2020-3156
Max Moser/Katharina Maennle |
|---|
| 원천 | ⚠️ https://www.modzero.com/advisories/MZ-19-03-CISCO-ISE.txt |
|---|
| 사용자 | misc (UID 3) |
|---|
| 제출 | 2020. 02. 19. PM 08:38 (6 연령 ago) |
|---|
| 모더레이션 | 2020. 08. 10. AM 10:43 (6 months later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 150363 [Cisco Identity Services Engine Log 저장됨 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 19 |
|---|