Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:cisco:sd-wan_vmanage:20.9.3.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-20179 |
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application. Published: September 27, 2023; 2:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |