Reflected Cross-Site Scripting Vulnerability in Cisco Industrial Network Director
CVE-2017-6675

6.1MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Industrial Network Director
Vendor
CVE Published:
13 June 2017

Summary

A vulnerability exists in the web interface of Cisco Industrial Network Director that allows an unauthenticated remote attacker to execute reflected cross-site scripting (XSS) attacks. By exploiting this vulnerability, attackers can potentially inject malicious scripts into web pages viewed by users, aiding in the execution of unauthorized actions on the affected systems.

Affected Version(s)

Cisco Industrial Network Director Cisco Industrial Network Director

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/98962
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.