CVE-2022-20635 – Multiple vulnerabilities in the web-based management interface of Cisco Security Manager c …

14 January 2022

Vuln ID: CVE-2022-20635

Published: 2022-01-14 05:15:10Z

Description: Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

Source: NVD.NIST.GOV

Date:

14 January 2022

Categorie(s):

NVD

Tag(s):

NVD

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement23 April 2024
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories23 April 2024
PoC Exploit Released For Critical Oracle VirtualBox Vulnerability23 April 2024
New Torq HyperSOC leverages AI for threat investigation and remediation23 April 2024
Mandiant: Orgs are detecting cybercriminals faster than ever23 April 2024