PT-2016-3708 · Cisco · Apic-Em
Published
2016-01-26
·
Updated
2016-12-07
·
CVE-2015-6337
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) version 1.0.10
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted hostname in an SNMP response.
Recommendations
For version 1.0.10, update to a version that fixes this issue, as the current version allows for the injection of malicious scripts.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apic-Em