CVE-2018-0465: Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

First published: Fri Oct 05 2018(Updated: )

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability exists because the affected management interface performs insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or allow the attacker to access sensitive, browser-based information.

Credit: ykramarz@cisco.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/references
• agent/title
• agent/author
• agent/weakness
• agent/severity
• agent/description
• agent/event
• agent/first-publish-date
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/source
• agent/softwarecombine
• agent/tags
• collector/nvd-index
• agent/software-canonical-lookup-request
• vendor/cisco
• canonical/cisco sf302-08pp firmware
• version/cisco sf302-08pp firmware/1.4.2.4
• canonical/cisco sf302-08
• canonical/cisco sf302-08mpp firmware
• version/cisco sf302-08mpp firmware/1.4.2.4
• canonical/cisco sg300-10pp
• version/cisco sg300-10pp/1.4.2.4
• canonical/cisco sg300-10pp firmware
• canonical/cisco sg300-10mpp firmware
• version/cisco sg300-10mpp firmware/1.4.2.4
• canonical/cisco sf300-24pp firmware
• version/cisco sf300-24pp firmware/1.4.2.4
• canonical/cisco sf300-48pp firmware
• version/cisco sf300-48pp firmware/1.4.2.4
• canonical/cisco sg300-28pp firmware
• version/cisco sg300-28pp firmware/1.4.2.4
• canonical/cisco sf300-08 firmware
• version/cisco sf300-08 firmware/1.4.2.4
• canonical/cisco sf300-48p firmware
• version/cisco sf300-48p firmware/1.4.2.4
• canonical/cisco sg300-10mp firmware
• version/cisco sg300-10mp firmware/1.4.2.4
• canonical/cisco sg300-10p firmware
• version/cisco sg300-10p firmware/1.4.2.4
• canonical/cisco sg300 series firmware
• version/cisco sg300 series firmware/1.4.2.4
• canonical/cisco sg300-10 firmware
• canonical/cisco sg300-28p firmware
• version/cisco sg300-28p firmware/1.4.2.4
• canonical/cisco sg300-28p
• canonical/cisco sf300-24p
• version/cisco sf300-24p/1.4.2.4
• canonical/cisco sf300-24p firmware
• canonical/cisco sf302-08mp firmware
• version/cisco sf302-08mp firmware/1.4.2.4
• canonical/cisco sg300-28 firmware
• canonical/cisco sf300-48p
• canonical/cisco sg300-20 firmware
• canonical/cisco sf302-08p
• version/cisco sf302-08p/1.4.2.4
• canonical/cisco sg300-52p
• version/cisco sf300-24p firmware/1.4.2.4
• canonical/cisco sf300-24 firmware
• canonical/cisco sf302-08 firmware
• version/cisco sf302-08 firmware/1.4.2.4
• canonical/cisco sf300-24mp firmware
• version/cisco sf300-24mp firmware/1.4.2.4
• canonical/cisco sf300-24mp
• canonical/cisco sg300-10sfp firmware
• canonical/cisco sg300-28mp
• version/cisco sg300-28mp/1.4.2.4
• canonical/cisco sg300-52p firmware
• version/cisco sg300-52p firmware/1.4.2.4
• canonical/cisco sg300-52mp firmware
• version/cisco sg300-52mp firmware/1.4.2.4