CVE-2017-12348 - AskarLabs CVE Database

CVE-2017-12348

Vendor N/A

Product Cisco UCS Central Software

Weakness CWE-79 · XSS

Published November 30, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.

Key dates

02Disclosure timeline

November 30, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-12348 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2022-2065 Cross-site Scripting (XSS) - Stored in neorazorx/facturascripts CVE-2025-3970 baseweb JSite save cross site scripting CVE-2025-31471 WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability CVE-2023-25023 WordPress WebinarIgnition Plugin <= 2.14.2 is vulnerable to Cross Site Scripting (XSS) CVE-2023-3785 PaulPrinting CMS cross site scripting