Vulnerabilities > Cisco > Unified Computing System Central Software > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-11-30	CVE-2017-12349	Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 2.2(1A)A Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. network low complexity cisco CWE-79	5.4
2017-11-30	CVE-2017-12348	Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 2.2(1A)A Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. network low complexity cisco CWE-79	5.4
2016-05-21	CVE-2016-1401	Cross-site Scripting vulnerability in Cisco Unified Computing System Central Software 1.4(1A) Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy91250. network low complexity cisco CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.