CVE-2017-6749
published 2017-07-25CVE-2017-6749: A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored…
medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance_stored | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| cisco | web_security_virtual_appliance | — | — |
| oauth2-server_project | oauth2-server | 0 – 3.1.1 | — |
CVSS provenance
nvdv3.05.4MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
ghsa9.1CRITICAL