Cross-Site Scripting Vulnerability in Cisco Prime Data Center Network Manager
CVE-2014-3329

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Data Center Network Manager
Vendor: CVE Published:; 29 July 2014

Summary

A cross-site scripting (XSS) vulnerability exists in the web-server component of Cisco Prime Data Center Network Manager, which could allow remote attackers to inject arbitrary web scripts or HTML into the application. This vulnerability can be exploited by crafting a malicious URL that tricks users into visiting it, thereby compromising the security of the web application and its users.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030652

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 29, 2014
Vulnerability Reserved
May 7, 2014