CVE-2015-0594

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Manager; Prime Lan Management Solution
Vendor: CVE Published:; 27 February 2015

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun18263.

References

http://www.securitytracker.com/id/1031813

vdb-entryx_refsource_SECTRACK

http://www.securitytracker.com/id/1031814

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 27, 2015
Vulnerability Reserved
Jan 7, 2015