cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-16015,https://securityvulnerability.io/vulnerability/CVE-2019-16015,Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information on the affected system.",Cisco,Cisco Data Center Analytics Framework,6.1,MEDIUM,0.001509999972768128,false,,false,false,true,2024-08-05T02:15:48.000Z,,false,false,,2020-01-26T05:15:00.000Z,0
CVE-2018-0145,https://securityvulnerability.io/vulnerability/CVE-2018-0145,,"A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information on the affected system. Cisco Bug IDs: CSCvg45105.",Cisco,Cisco Data Center Analytics Framework,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2018-02-22T00:00:00.000Z,0
CVE-2018-0146,https://securityvulnerability.io/vulnerability/CVE-2018-0146,,"A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to improper CSRF protection by the affected application. An attacker could exploit this vulnerability by persuading a user of the affected application to click a malicious link. A successful exploit could allow the attacker to submit arbitrary requests and take unauthorized actions on behalf of the user. Cisco Bug IDs: CSCvg45114.",Cisco,Cisco Data Center Analytics Framework,5.4,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2018-02-22T00:00:00.000Z,0
CVE-2018-0128,https://securityvulnerability.io/vulnerability/CVE-2018-0128,,"A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvh02082.",Cisco,Cisco Data Center Analytics Framework,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2018-02-08T07:00:00.000Z,0
CVE-2018-0129,https://securityvulnerability.io/vulnerability/CVE-2018-0129,,"A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvh02088.",Cisco,Cisco Data Center Analytics Framework,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2018-02-08T07:00:00.000Z,0