Cross-Site Scripting Vulnerabilities in Cisco Prime Security Manager
CVE-2014-3364

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Security Manager
Vendor: CVE Published:; 13 December 2014

Summary

Cisco Prime Security Manager (PRSM) versions 9.2.1-2 and earlier are susceptible to multiple cross-site scripting (XSS) vulnerabilities. These flaws allow remote attackers to inject arbitrary web scripts or HTML through specific parameters in the Access Policies and Device Summary Dashboard interfaces. Exploiting this vulnerability could potentially lead to unauthorized actions or data theft. It is crucial for users to apply recommended security updates and practices to mitigate such risks.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Dec 13, 2014
Vulnerability Reserved
May 7, 2014