CVE-2014-2147

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure versions 2.1 and earlier

Description The issue is related to a "cross-frame scripting (XFS)" problem, where the web interface does not properly restrict the use of IFRAME elements. This makes it easier for remote attackers to conduct clickjacking attacks and other unspecified attacks via a crafted web site.

Recommendations For Cisco Prime Infrastructure versions 2.1 and earlier, update to a version later than 2.1 to resolve the issue.