Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2021-1374

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by authenticating to the device as a high-privileged user, adding certain configurations with malicious code in one of its fields, and persuading another user to click on it. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or to access sensitive, browser-based information.

  • Published: Mar 24, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-1374
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.8
  • AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
cisco / ios_xe 16.6.1 16.6.1.x
cisco / ios_xe 16.6.3 16.6.3.x
cisco / ios_xe 16.8.1 16.8.1.x
cisco / ios_xe 16.7.1 16.7.1.x
cisco / ios_xe 16.6.2 16.6.2.x
cisco / ios_xe 16.9.1 16.9.1.x
cisco / ios_xe 16.8.1a 16.8.1a.x
cisco / ios_xe 16.8.1s 16.8.1s.x
cisco / ios_xe 16.8.1b 16.8.1b.x
cisco / ios_xe 16.8.2 16.8.2.x
cisco / ios_xe 16.7.2 16.7.2.x
cisco / ios_xe 16.8.1d 16.8.1d.x
cisco / ios_xe 16.7.3 16.7.3.x
cisco / ios_xe 16.7.1a 16.7.1a.x
cisco / ios_xe 16.7.1b 16.7.1b.x
cisco / ios_xe 16.8.1c 16.8.1c.x
cisco / ios_xe 16.8.1e 16.8.1e.x
cisco / ios_xe 16.9.1s 16.9.1s.x
cisco / ios_xe 16.9.1c 16.9.1c.x
cisco / ios_xe 16.9.1b 16.9.1b.x
cisco / ios_xe 16.9.1d 16.9.1d.x
cisco / ios_xe 16.6.4s 16.6.4s.x
cisco / ios_xe 16.6.4 16.6.4.x
cisco / ios_xe 16.10.1 16.10.1.x
cisco / ios_xe 16.7.4 16.7.4.x
cisco / ios_xe 16.9.1a 16.9.1a.x
cisco / ios_xe 16.9.2a 16.9.2a.x
cisco / ios_xe 16.9.2 16.9.2.x
cisco / ios_xe 16.6.4a 16.6.4a.x
cisco / ios_xe 16.12.1 16.12.1.x
cisco / ios_xe 16.6.5 16.6.5.x
cisco / ios_xe 16.11.1 16.11.1.x
cisco / ios_xe 17.1.1 17.1.1.x
cisco / ios_xe 16.11.1a 16.11.1a.x
cisco / ios_xe 16.12.1c 16.12.1c.x
cisco / ios_xe 16.12.1t 16.12.1t.x
cisco / ios_xe 16.11.2 16.11.2.x
cisco / ios_xe 16.12.1s 16.12.1s.x
cisco / ios_xe 16.12.1a 16.12.1a.x
cisco / ios_xe 16.12.1x 16.12.1x.x
cisco / ios_xe 16.11.1c 16.11.1c.x
cisco / ios_xe 16.11.1b 16.11.1b.x
cisco / ios_xe 16.11.1s 16.11.1s.x
cisco / ios_xe 16.12.1w 16.12.1w.x
cisco / ios_xe 16.10.1s 16.10.1s.x
cisco / ios_xe 16.10.1d 16.10.1d.x
cisco / ios_xe 16.9.2s 16.9.2s.x
cisco / ios_xe 16.6.6 16.6.6.x
cisco / ios_xe 16.9.3h 16.9.3h.x
cisco / ios_xe 16.6.5b 16.6.5b.x
cisco / ios_xe 16.6.5a 16.6.5a.x
cisco / ios_xe 16.9.3a 16.9.3a.x
cisco / ios_xe 16.10.1a 16.10.1a.x
cisco / ios_xe 16.10.1f 16.10.1f.x
cisco / ios_xe 16.10.1g 16.10.1g.x
cisco / ios_xe 16.10.2 16.10.2.x
cisco / ios_xe 16.9.3 16.9.3.x
cisco / ios_xe 16.12.1y 16.12.1y.x
cisco / ios_xe 16.10.1e 16.10.1e.x
cisco / ios_xe 16.10.1b 16.10.1b.x
cisco / ios_xe 16.8.3 16.8.3.x
cisco / ios_xe 16.9.3s 16.9.3s.x
cisco / ios_xe 16.10.1c 16.10.1c.x
cisco / ios_xe 16.9.4 16.9.4.x
cisco / ios_xe 16.12.2 16.12.2.x
cisco / ios_xe 16.6.7a 16.6.7a.x
cisco / ios_xe 16.9.4c 16.9.4c.x
cisco / ios_xe 16.12.2a 16.12.2a.x
cisco / ios_xe 16.6.7 16.6.7.x
cisco / ios_xe 16.10.3 16.10.3.x
cisco / ios_xe 16.12.4 16.12.4.x
cisco / ios_xe 16.9.5 16.9.5.x
cisco / ios_xe 16.9.5f 16.9.5f.x
cisco / ios_xe 16.6.8 16.6.8.x
cisco / ios_xe 16.12.3 16.12.3.x
cisco / ios_xe 17.2.1 17.2.1.x
cisco / ios_xe 17.1.1s 17.1.1s.x
cisco / ios_xe 16.12.2t 16.12.2t.x
cisco / ios_xe 17.1.1a 17.1.1a.x
cisco / ios_xe 16.12.2s 16.12.2s.x
cisco / ios_xe 16.12.3a 16.12.3a.x
cisco / ios_xe 17.1.1t 17.1.1t.x
cisco / ios_xe 17.2.1a 17.2.1a.x
cisco / ios_xe 17.2.1v 17.2.1v.x
cisco / ios_xe 16.12.1z 16.12.1z.x
cisco / ios_xe 16.12.3s 16.12.3s.x
cisco / ios_xe 17.2.1r 17.2.1r.x
cisco / ios_xe 17.1.2 17.1.2.x
cisco / ios_xe 16.12.4a 16.12.4a.x