CVE-2015-6402

Name of the Vulnerable Software and Affected Versions Cisco EPC3928 devices with EDVA versions 5.5.10 through 5.5.11 Cisco EPC3928 devices with EDVA version 5.7.1

Description A cross-site scripting (XSS) issue in the management interface allows remote attackers to inject arbitrary web script or HTML via an unspecified value.

Recommendations For EDVA versions 5.5.10 through 5.5.11, update to a version that fixes this issue. For EDVA version 5.7.1, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the management interface to minimize the risk of exploitation.