Lucene search
CiscoCVE-2015-6387HistoryDec 05, 2015 - 3:59 a.m.
CVE-2015-6387
2015-12-0503:59:02
CWE-79
cisco
web.nvd.nist.gov
25
cve-2015-6387
cross-site scripting
xss vulnerability
cisco unified computing system
ucs central software
remote attackers
web script injection
bug id cscux33573
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.1%
Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573.
Affected configurations
Node
ciscounified_computing_system_central_softwareMatch1.3\(0.1\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_computing_system_central_software | 1.3(0.1) | cpe:2.3:a:cisco:unified_computing_system_central_software:1.3\(0.1\):*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2015-6387
2015-12-05 03:59:02
cvelist
cvelist
CVE-2015-6387
2015-12-05 02:00:00
cisco
cisco
prion
prion
Cross site scripting
2015-12-05 03:59:00
openvas
openvas
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
49.1%
Related for CVE-2015-6387