Cisco Industrial Network Director Stored Cross-Site Scripting Vulnerability
CVE-2019-1882

5.4MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Industrial Network Director
Vendor: CVE Published:; 5 June 2019

Badges

👾 Exploit Exists

What is CVE-2019-1882?

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. The vulnerability is due to improper validation of content submitted to the affected application. An attacker could exploit this vulnerability by sending requests containing malicious values to the affected system. A successful exploit could allow the attacker to conduct XSS attacks.

Affected Version(s)

Cisco Industrial Network Director 1.5(0.250)

References

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/108629

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 4, 2024
Vulnerability published
Jun 5, 2019
Vulnerability Reserved
Dec 6, 2018