CVE-2014-3329

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in the web-server component in Cisco Prime Data Center Network Manager (DCNM) 6.3(2) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum86620.

Weaknesses (CWE)

CWE-79

Affected Products (8)

cisco · prime_data_center_network_managervulnerable

References (10)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3329

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=35065

Vendor Advisory

http://www.securityfocus.com/bid/68926

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030652

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/94889

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3329

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=35065