Lucene search
CiscoCVELIST:CVE-2018-0289HistoryMay 17, 2018 - 3:00 a.m.
CVE-2018-0289
2018-05-1703:00:00
CWE-79
cisco
www.cve.org
5
EPSS
0.001
Percentile
46.2%
A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the application management interface. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. An exploit could allow the attacker to conduct cross-site scripting attacks when an administrator views the log files. Cisco Bug IDs: CSCvh11308.
CNA Affected
[
{
"product": "Cisco Identity Services Engine",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Identity Services Engine"
}
]
}
]Related
cisco
cisco
Cisco Identity Services Engine Logs Cross-Site Scripting Vulnerability
2018-05-16 16:00:00
nvd
nvd
CVE-2018-0289
2018-05-17 03:29:00
nessus
nessus
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
2018-06-15 00:00:00
cve
cve
CVE-2018-0289
2018-05-17 03:29:00
prion
prion
Cross site scripting
2018-05-17 03:29:00