Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.
[
{
"product": "Cisco UCS Central Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco UCS Central Software"
}
]
}
]