A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to affected web applications. A successful exploit could allow the attacker to rewrite web page content, access sensitive information stored in the applications, and alter data by submitting forms.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 06 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-06T16:13:25.525Z

Reserved: 2021-11-02T00:00:00

Link: CVE-2022-20765

cve-icon Vulnrichment

Updated: 2024-08-03T02:24:49.431Z

cve-icon NVD

Status : Modified

Published: 2022-05-27T14:15:08.620

Modified: 2024-11-21T06:43:30.600

Link: CVE-2022-20765

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.