Description
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.

This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with the role of Administrator or AAA Administrator. 
Published: 2026-02-25
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting in Cisco UCS Manager and FXOS
Action: Patch
AI Analysis

Impact

The vulnerability exists in the web‑based management interface of Cisco FXOS Software and Cisco UCS Manager Software. It is a stored cross‑site scripting flaw caused by insufficient validation of user‑supplied input. An attacker with valid Administrator or AAA Administrator credentials can inject malicious data into specific pages. If successfully exploited, the attacker can execute arbitrary script code in the context of the interface or access sensitive, browser‑based information, potentially compromising session data, credentials, or other sensitive information.

Affected Systems

The affected vendor is Cisco, and the affected products are Cisco Firepower Extensible Operating System (FXOS), Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Unified Computing System (UCS) Manager. Affected version details are not publicly listed in the CNA data, so organizations should verify whether their deployed FXOS or UCS Manager versions fall within the impacted release lines. Since the vulnerability is in the web-based management interface, any deployment that exposes that interface is potentially vulnerable.

Risk and Exploitability

The CVSS base score is 4.8, which places the vulnerability in the Medium severity band. The EPSS score is below 1%, indicating a low current likelihood of exploitation, and the vulnerability is not listed in CISA's KEV catalog. Successful exploitation requires an authenticated user with Administrator or AAA Administrator privileges, so an attacker would have to log in to the management interface to inject the payload. The risk therefore comes primarily from insiders or from compromised credentials, but a publicly exposed management interface could also be abused by attackers who obtain or guess credentials.

Generated by OpenCVE AI on April 17, 2026 at 15:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Deploy the latest Cisco FXOS and UCS Manager patches that address the XSS vulnerability.
  • Restrict administrative access to the management interface by implementing network segmentation or firewall rules, ensuring only trusted internal users can connect.
  • Configure the web‑browser security settings or use an application firewall to block or filter malicious scripts on the management interface.
  • Monitor logs for anomalous XSS attempts or suspicious input injections and conduct periodic vulnerability scanning of the web interface.

Generated by OpenCVE AI on April 17, 2026 at 15:07 UTC.
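To make the "monitor logs for suspicious input injections" recommendation concrete, here is an added Python example, not code from OpenCVE or Cisco, that scans web-server access log lines for HTML or JavaScript markup submitted in form fields that should hold plain text. The log format, field names, path and user names are all constructed for the example (the advisory does not describe the real FXOS or UCS Manager log layout or the affected pages), so a practitioner would adapt the line pattern and field allowlist to the interface being monitored.

```python
import html
import re
from urllib.parse import unquote_plus

# Heuristic markers of markup arriving in a plain-text field. Defensive use only:
# broad enough to catch stored-XSS probes, narrow enough to avoid flagging words like "option=".
MARKUP_PATTERNS = [
    re.compile(r"<\s*/?\s*(script|img|svg|iframe|object|embed)\b", re.I),
    re.compile(r"\bon(error|load|click|mouseover|focus)\s*=", re.I),  # inline event handlers
    re.compile(r"javascript\s*:", re.I),
]

# Hypothetical line layout: timestamp, authenticated user and role, method, path and
# the URL-encoded form parameters. Real appliance logs will differ; adjust LINE_RE.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) method=(?P<method>\S+) "
    r"path=(?P<path>\S+) params=(?P<params>.*)$"
)

# Constructed sample log; the two middle lines carry markup in the 'descr' field.
SAMPLE_LOG = """\
2026-02-26T10:01:02Z user=admin role=Administrator method=POST path=/example/descr-page params=name=prod-fabric&descr=Primary%20fabric
2026-02-26T10:03:17Z user=aaa-admin role=AAA-Administrator method=POST path=/example/descr-page params=name=test&descr=%3Cscript%3Ealert%281%29%3C%2Fscript%3E
2026-02-26T10:05:40Z user=admin role=Administrator method=POST path=/example/descr-page params=name=x&descr=%3Cimg%20src%3Dx%20onerror%3Dalert%281%29%3E
2026-02-26T10:07:55Z user=readonly role=Read-Only method=GET path=/example/descr-page params=
"""


def normalize(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly (catches double encoding), then unescape HTML entities."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return html.unescape(value)


def scan_line(line: str) -> list[dict]:
    """Return one finding per parameter whose decoded value contains markup."""
    m = LINE_RE.match(line)
    if not m or not m["params"]:
        return []
    findings = []
    for pair in m["params"].split("&"):
        field, _, raw = pair.partition("=")
        text = normalize(raw)
        for pat in MARKUP_PATTERNS:
            if pat.search(text):
                findings.append({"ts": m["ts"], "user": m["user"], "role": m["role"],
                                 "path": m["path"], "field": field, "pattern": pat.pattern})
                break  # one finding per field is enough for triage
    return findings


def scan_log(text: str) -> list[dict]:
    """Scan every non-empty line of a log excerpt."""
    return [f for line in text.splitlines() if line.strip() for f in scan_line(line)]


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['user']} ({f['role']}) wrote markup into {f['field']} on {f['path']}")
```

Because this advisory's precondition is an Administrator or AAA Administrator account, the interesting signal is not the markup alone but the combination of a privileged account and markup in a descriptive field: that is the pattern that distinguishes a compromised or misused admin credential from ordinary configuration traffic, and it is why the findings carry the user and role rather than just the payload.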

Advisories

No advisories yet.

History

Fri, 27 Feb 2026 03:15:00 +0000

Type      Values removed   Values added
Metrics   (none)           ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 26 Feb 2026 13:30:00 +0000

Type                  Values removed   Values added
First Time appeared   (none)           Cisco; Cisco cisco:adaptive Security Appliance Software; Cisco firepower Extensible Operating System; Cisco unified Computing System Manager
Vendors & Products    (none)           Cisco; Cisco cisco:adaptive Security Appliance Software; Cisco firepower Extensible Operating System; Cisco unified Computing System Manager

Wed, 25 Feb 2026 17:15:00 +0000

Type          Values removed   Values added
Description   (none)           A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with the role of Administrator or AAA Administrator.
Title         (none)           Cisco UCS Manager and FXOS Software Stored Cross-Site Scripting Vulnerability
Weaknesses    (none)           CWE-79
References    (none)           (none)
Metrics       (none)           cvssV3_1: {'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-02-25T19:05:48.712Z

Reserved: 2025-10-08T11:59:15.368Z

Link: CVE-2026-20091

Vulnrichment

Updated: 2026-02-25T18:17:47.436Z

NVD

Status : Deferred

Published: 2026-02-25T17:25:26.830

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-20091

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T15:15:21Z

Weaknesses