Cross-Site Scripting Vulnerability in Cisco Network Analysis Module
CVE-2015-0656

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Analysis Module Firmware
Vendor: CVE Published:; 4 March 2015

Summary

A cross-site scripting vulnerability exists in the login page of the Cisco Network Analysis Module (NAM), which allows remote attackers to inject arbitrary web scripts or HTML. This vulnerability could potentially be exploited via various unspecified vectors, leading to unauthorized actions or information disclosure. It is crucial for users of this product to ensure they are running the latest secure versions and to follow best practices for minimizing XSS risks.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1031827

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Mar 4, 2015
Vulnerability Reserved
Jan 7, 2015