CVE-2017-12344
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.
Múltiples vulnerabilidades en el software Data Center Network Manager (DCNM) de Cisco podrían permitir que un atacante remoto inyecte valores arbitrarios en los parámetros de configuración de DCNM, redirija un usuario a una página web maliciosa, inyecte contenido malicioso en una interfaz de cliente de DCNM o realice un ataque Cross-Site Scripting (XSS) contra un usuario del software afectado. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-03 CVE Reserved
- 2017-11-30 CVE Published
- 2023-10-10 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/101996 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-dcnm | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Data Center Network Manager Search vendor "Cisco" for product "Data Center Network Manager" | 10.2\(1\) Search vendor "Cisco" for product "Data Center Network Manager" and version "10.2\(1\)" | - |
Affected
|