Unknown
CVE-2017-12307
CVE-2017-12307
Description
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. This vulnerability affects the following Cisco Small Business 300 and 500 Series Managed Switches: Cisco Small Business 300 Series Managed Switches, Cisco Small Business 500 Series Stackable Managed Switches, Cisco 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, Cisco 550X Series Stackable Managed Switches, Cisco ESW2 Series Advanced Switches. Cisco Bug IDs: CSCvg24637.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- esw2-350g-52 firmware,
- esw2-350g-52dc firmware,
- esw2-550x-48 firmware,
- esw2-550x-48dc firmware,
- sf300-08 firmware,
- sf300-24 firmware,
- sf300-24mp firmware,
- sf300-24p firmware,
- sf300-24pp firmware,
- sf300-48 firmware,
- sf300-48p firmware,
- sf300-48pp firmware,
- sf302-08 firmware,
- sf302-08mp firmware,
- sf302-08mpp firmware,
- sf302-08p firmware,
- sf302-08pp firmware,
- sf350-48 firmware,
- sf350-48mp firmware,
- sf350-48p firmware,
- sf500-24 firmware,
- sf500-24p firmware,
- sf500-48 firmware,
- sf500-48p firmware,
- sf550x-24 firmware,
- sf550x-24mp firmware,
- sf550x-24p firmware,
- sf550x-48 firmware,
- sf550x-48mp firmware,
- sf550x-48p firmware,
- sg300-10 firmware,
- sg300-10mp firmware,
- sg300-10mpp firmware,
- sg300-10p firmware,
- sg300-10pp firmware,
- sg300-10sfp firmware,
- sg300-20 firmware,
- sg300-28 firmware,
- sg300-28mp firmware,
- sg300-28p firmware,
- sg300-28pp firmware,
- sg300-52 firmware,
- sg300-52mp firmware,
- sg300-52p firmware,
- sg350-10 firmware,
- sg350-10mp firmware,
- sg350-10p firmware,
- sg350-28 firmware,
- sg350-28mp firmware,
- sg350-28p firmware,
- sg350x-24 firmware,
- sg350x-24mp firmware,
- sg350x-24p firmware,
- sg350x-48 firmware,
- sg350x-48mp firmware,
- sg350x-48p firmware,
- sg350xg-24f firmware,
- sg350xg-24t firmware,
- sg350xg-2f10 firmware,
- sg350xg-48t firmware,
- sg355-10p firmware,
- sg500-28 firmware,
- sg500-28mpp firmware,
- sg500-28p firmware,
- sg500-52 firmware,
- sg500-52mp firmware,
- sg500-52p firmware,
- sg500x-24 firmware,
- sg500x-24p firmware,
- sg500x-48 firmware,
- sg500x-48p firmware,
- sg500xg-8f8t firmware,
- sg550x-24 firmware,
- sg550x-24mp firmware,
- sg550x-24mpp firmware,
- sg550x-24p firmware,
- sg550x-48 firmware,
- sg550x-48mp firmware,
- sg550x-48p firmware,
- sx550x-12f firmware,
- sx550x-16ft firmware,
- sx550x-24 firmware,
- sx550x-24f firmware,
- sx550x-24ft firmware,
- sx550x-52 firmware
