Vulnerabilities > Cisco > Unified Computing System Central Software > 2.2.1a.a

DATE CVE VULNERABILITY TITLE RISK
2017-11-30 CVE-2017-12349 Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 2.2(1A)A
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface.
network
low complexity
cisco CWE-79
5.4
5.4
2017-11-30 CVE-2017-12348 Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 2.2(1A)A
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface.
network
low complexity
cisco CWE-79
5.4
5.4