Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620.
2014-07-29T20:55:08.520
2025-04-12T10:46:40.837
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cisco | prime_data_center_network_manager | ≤ 6.3\(2\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.1 | Yes |
| Application | cisco | prime_data_center_network_manager | 6.1\(1\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.2\(1\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.2\(3\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.2\(5\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.2\(5a\) | Yes |
| Application | cisco | prime_data_center_network_manager | 6.3\(1\) | Yes |