Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2017-12307
HistoryJan 18, 2018 - 6:29 a.m.

CVE-2017-12307

2018-01-1806:29:00
CWE-79
[email protected]
web.nvd.nist.gov
4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.9%

JSON

A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches, Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvg24637.

Affected configurations

Nvd
Node
ciscosg350-10_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-10Match-
Node
ciscosg350-10p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-10pMatch-
Node
ciscosg350-10mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-10mpMatch-
Node
ciscosg355-10p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg355-10pMatch-
Node
ciscosg350-28_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-28Match-
Node
ciscosg350-28p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-28pMatch-
Node
ciscosg350-28mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350-28mpMatch-
Node
ciscosf350-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosf350-48Match-
Node
ciscosf350-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf350-48pMatch-
Node
ciscosf350-48mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf350-48mpMatch-
Node
ciscosg350xg-2f10_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350xg-2f10Match-
Node
ciscosg350xg-24f_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350xg-24fMatch-
Node
ciscosg350xg-24t_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350xg-24tMatch-
Node
ciscosg350xg-48t_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350xg-48tMatch-
Node
ciscosg350x-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-24Match-
Node
ciscosg350x-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-24pMatch-
Node
ciscosg350x-24mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-24mpMatch-
Node
ciscosg350x-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-48Match-
Node
ciscosg350x-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-48pMatch-
Node
ciscosg350x-48mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg350x-48mpMatch-
Node
ciscosx550x-16ft_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-16ftMatch-
Node
ciscosx550x-24ft_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-24ftMatch-
Node
ciscosx550x-12f_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-12fMatch-
Node
ciscosx550x-24f_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-24fMatch-
Node
ciscosx550x-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-24Match-
Node
ciscosx550x-52_firmwareRange1.4.7.01.4.9.4
AND
ciscosx550x-52Match-
Node
ciscosg550x-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-24Match-
Node
ciscosg550x-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-24pMatch-
Node
ciscosg550x-24mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-24mpMatch-
Node
ciscosg550x-24mpp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-24mppMatch-
Node
ciscosg550x-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-48Match-
Node
ciscosg550x-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-48pMatch-
Node
ciscosg550x-48mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg550x-48mpMatch-
Node
ciscosf550x-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-24Match-
Node
ciscosf550x-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-24pMatch-
Node
ciscosf550x-24mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-24mpMatch-
Node
ciscosf550x-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-48Match-
Node
ciscosf550x-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-48pMatch-
Node
ciscosf550x-48mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf550x-48mpMatch-
Node
ciscoesw2-350g-52_firmwareRange1.4.7.01.4.9.4
AND
ciscoesw2-350g-52Match-
Node
ciscoesw2-350g-52dc_firmwareRange1.4.7.01.4.9.4
AND
ciscoesw2-350g-52dcMatch-
Node
ciscoesw2-550x-48_firmwareRange1.4.7.01.4.9.4
AND
ciscoesw2-550x-48Match-
Node
ciscoesw2-550x-48dc_firmwareRange1.4.7.01.4.9.4
AND
ciscoesw2-550x-48dcMatch-
Node
ciscosf302-08pp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf302-08ppMatch-
Node
ciscosf302-08mpp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf302-08mppMatch-
Node
ciscosg300-10pp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10ppMatch-
Node
ciscosg300-10mpp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10mppMatch-
Node
ciscosf300-24pp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-24ppMatch-
Node
ciscosf300-48pp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-48ppMatch-
Node
ciscosg300-28pp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-28ppMatch-
Node
ciscosf300-08_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-08Match-
Node
ciscosf300-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-48pMatch-
Node
ciscosg300-10mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10mpMatch-
Node
ciscosg300-10p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10pMatch-
Node
ciscosg300-10_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10Match-
Node
ciscosg300-28p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-28pMatch-
Node
ciscosf300-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-24pMatch-
Node
ciscosf302-08mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf302-08mpMatch-
Node
ciscosg300-28_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-28Match-
Node
ciscosf300-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-48Match-
Node
ciscosg300-20_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-20Match-
Node
ciscosf302-08p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf302-08pMatch-
Node
ciscosg300-52_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-52Match-
Node
ciscosf300-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-24Match-
Node
ciscosf302-08_firmwareRange1.4.7.01.4.9.4
AND
ciscosf302-08Match-
Node
ciscosf300-24mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosf300-24mpMatch-
Node
ciscosg300-10sfp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-10sfpMatch-
Node
ciscosg300-28mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-28mpMatch-
Node
ciscosg300-52p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-52pMatch-
Node
ciscosg300-52mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg300-52mpMatch-
Node
ciscosg500-28mpp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-28mppMatch-
Node
ciscosg500-52mp_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-52mpMatch-
Node
ciscosg500xg-8f8t_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500xg-8f8tMatch-
Node
ciscosf500-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosf500-24Match-
Node
ciscosf500-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf500-24pMatch-
Node
ciscosf500-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosf500-48Match-
Node
ciscosf500-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosf500-48pMatch-
Node
ciscosg500-28_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-28Match-
Node
ciscosg500-28p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-28pMatch-
Node
ciscosg500-52_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-52Match-
Node
ciscosg500-52p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500-52pMatch-
Node
ciscosg500x-24_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500x-24Match-
Node
ciscosg500x-24p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500x-24pMatch-
Node
ciscosg500x-48_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500x-48Match-
Node
ciscosg500x-48p_firmwareRange1.4.7.01.4.9.4
AND
ciscosg500x-48pMatch-
VendorProductVersionCPE
ciscosg350-10_firmware*cpe:2.3:o:cisco:sg350-10_firmware:*:*:*:*:*:*:*:*
ciscosg350-10-cpe:2.3:h:cisco:sg350-10:-:*:*:*:*:*:*:*
ciscosg350-10p_firmware*cpe:2.3:o:cisco:sg350-10p_firmware:*:*:*:*:*:*:*:*
ciscosg350-10p-cpe:2.3:h:cisco:sg350-10p:-:*:*:*:*:*:*:*
ciscosg350-10mp_firmware*cpe:2.3:o:cisco:sg350-10mp_firmware:*:*:*:*:*:*:*:*
ciscosg350-10mp-cpe:2.3:h:cisco:sg350-10mp:-:*:*:*:*:*:*:*
ciscosg355-10p_firmware*cpe:2.3:o:cisco:sg355-10p_firmware:*:*:*:*:*:*:*:*
ciscosg355-10p-cpe:2.3:h:cisco:sg355-10p:-:*:*:*:*:*:*:*
ciscosg350-28_firmware*cpe:2.3:o:cisco:sg350-28_firmware:*:*:*:*:*:*:*:*
ciscosg350-28-cpe:2.3:h:cisco:sg350-28:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 1701

Related

cisco 1
prion 1
cvelist 1
cve 1
cisco
cisco
Cisco Small Business 300 and 500 Series Managed Switches Cross-Site Scripting Vulnerability
2018-01-17 16:00:00
prion
prion
Cross site scripting
2018-01-18 06:29:00
cvelist
cvelist
CVE-2017-12307
2018-01-18 06:00:00
cve
cve
CVE-2017-12307
2018-01-18 06:29:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.9%

JSON
Related for NVD:CVE-2017-12307
cisco1prion1cvelist1cve1