exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2023-20179

больше 2 лет назад

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.

CVSS3: 4.3

EPSS: Низкий

GHSA-6g9h-226r-qp89

больше 2 лет назад

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.

CVSS3: 4.3

EPSS: Низкий

BDU:2023-06247

больше 3 лет назад

Уязвимость веб-интерфейса управления централизованной системы управления сетью Cisco Catalyst SD-WAN Manager (ранее Cisco SD-WAN vManage), позволяющая нарушителю проводить межсайтовые сценарные атаки

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-20179 A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.	CVSS3: 4.3	0% Низкий	больше 2 лет назад
GHSA-6g9h-226r-qp89 A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.	CVSS3: 4.3	0% Низкий	больше 2 лет назад
BDU:2023-06247 Уязвимость веб-интерфейса управления централизованной системы управления сетью Cisco Catalyst SD-WAN Manager (ранее Cisco SD-WAN vManage), позволяющая нарушителю проводить межсайтовые сценарные атаки	CVSS3: 4.3	0% Низкий	больше 3 лет назад

Уязвимостей на страницу