Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for ucs_e160s_m3_firmware by cisco

    CVE-2023-20228 (GCVE-0-2023-20228)

    Vulnerability from nvd – Published: 2023-08-16 20:59 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: N/A
    Create a notification for this product.
    Cisco Cisco Unified Computing System (Standalone) Affected: 3.1(1d)
    Affected: 3.1(2b)
    Affected: 3.1(2c)
    Affected: 3.1(2d)
    Affected: 3.1(2e)
    Affected: 3.1(2g)
    Affected: 3.1(2i)
    Affected: 3.1(3a)
    Affected: 3.1(3b)
    Affected: 3.1(3c)
    Affected: 3.1(3d)
    Affected: 3.1(3g)
    Affected: 3.1(3h)
    Affected: 3.1(3i)
    Affected: 3.1(3j)
    Affected: 3.1(3k)
    Affected: 4.0(1.240)
    Affected: 4.0(1a)
    Affected: 4.0(1b)
    Affected: 4.0(1c)
    Affected: 4.0(1d)
    Affected: 4.0(1e)
    Affected: 4.0(1g)
    Affected: 4.0(1h)
    Affected: 4.0(2c)
    Affected: 4.0(2d)
    Affected: 4.0(2f)
    Affected: 4.0(2g)
    Affected: 4.0(2h)
    Affected: 4.0(2i)
    Affected: 4.0(2l)
    Affected: 4.0(2n)
    Affected: 4.0(4b)
    Affected: 4.0(4c)
    Affected: 4.0(4d)
    Affected: 4.0(4e)
    Affected: 4.0(4f)
    Affected: 4.0(4h)
    Affected: 4.0(4i)
    Affected: 4.0(4k)
    Affected: 4.0(4l)
    Affected: 4.0(4m)
    Affected: 4.0(2o)
    Affected: 4.0(2p)
    Affected: 4.0(4n)
    Affected: 4.0(2q)
    Affected: 4.0(2r)
    Affected: 4.1(1c)
    Affected: 4.1(1d)
    Affected: 4.1(1f)
    Affected: 4.1(1g)
    Affected: 4.1(2a)
    Affected: 4.1(1h)
    Affected: 4.1(2b)
    Affected: 4.1(2f)
    Affected: 4.1(2e)
    Affected: 4.1(3b)
    Affected: 4.1(2d)
    Affected: 4.1(3c)
    Affected: 4.1(3d)
    Affected: 4.1(2g)
    Affected: 4.1(3f)
    Affected: 4.1(2h)
    Affected: 4.1(2j)
    Affected: 4.1(2k)
    Affected: 4.1(2l)
    Affected: 4.1(3h)
    Affected: 4.1(3i)
    Affected: 4.1(3l)
    Affected: 4.2(1a)
    Affected: 4.2(1b)
    Affected: 4.2(1c)
    Affected: 4.2(1e)
    Affected: 4.2(1f)
    Affected: 4.2(1g)
    Affected: 4.2(1i)
    Affected: 4.2(1j)
    Affected: 4.2(2a)
    Affected: 4.2(2f)
    Affected: 4.2(2g)
    Affected: 4.2(3b)
    Affected: 4.2(3d)
    Affected: 4.2(3e)
    Affected: 4.3(1.230097)
    Affected: 4.3(1.230124)
    Affected: 4.3(1.230138)
    Create a notification for this product.
    Cisco Cisco Unified Computing System E-Series Software (UCSE) Affected: 2.1.0
    Affected: 2.4.0
    Affected: 2.4.1
    Affected: 2.4.2
    Affected: 3.2.1
    Affected: 3.2.2
    Affected: 3.2.3
    Affected: 3.2.4
    Affected: 3.2.6
    Affected: 3.2.7
    Affected: 3.2.10
    Affected: 3.2.11.1
    Affected: 3.2.8
    Affected: 3.2.11.3
    Affected: 3.2.11.5
    Affected: 3.2.12.2
    Affected: 3.2.13.6
    Affected: 3.2.14
    Affected: 3.1.1
    Affected: 3.1.2
    Affected: 3.1.3
    Affected: 3.1.4
    Affected: 3.1.5
    Affected: 3.1.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.5
    Affected: 2.2.1
    Affected: 2.2.2
    Affected: 2.0.0
    Affected: 2.10
    Affected: 3.06
    Affected: 3.02
    Affected: 4.11.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:35.864Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cimc-xss-UMYtYEtr",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Computing System (Standalone)",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1(1d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2b)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2c)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2e)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2g)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2i)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3a)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3b)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3c)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3g)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3h)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3i)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3j)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3k)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1.240)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1b)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1e)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2i)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2l)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2n)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4b)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4e)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4f)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4i)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4k)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4l)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4m)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2o)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2p)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4n)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2q)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2r)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2a)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2b)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2e)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3b)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3c)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2j)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2k)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2l)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3i)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3l)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1a)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1b)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1e)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1f)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1i)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1j)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2a)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3b)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3d)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3e)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230097)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230124)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230138)"
                }
              ]
            },
            {
              "product": "Cisco Unified Computing System E-Series Software (UCSE)",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.1.0"
                },
                {
                  "status": "affected",
                  "version": "2.4.0"
                },
                {
                  "status": "affected",
                  "version": "2.4.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.4"
                },
                {
                  "status": "affected",
                  "version": "3.2.6"
                },
                {
                  "status": "affected",
                  "version": "3.2.7"
                },
                {
                  "status": "affected",
                  "version": "3.2.10"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.8"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.5"
                },
                {
                  "status": "affected",
                  "version": "3.2.12.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.13.6"
                },
                {
                  "status": "affected",
                  "version": "3.2.14"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.3"
                },
                {
                  "status": "affected",
                  "version": "3.1.4"
                },
                {
                  "status": "affected",
                  "version": "3.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.2.1"
                },
                {
                  "status": "affected",
                  "version": "2.2.2"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.10"
                },
                {
                  "status": "affected",
                  "version": "3.06"
                },
                {
                  "status": "affected",
                  "version": "3.02"
                },
                {
                  "status": "affected",
                  "version": "4.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:58:25.643Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cimc-xss-UMYtYEtr",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cimc-xss-UMYtYEtr",
            "defects": [
              "CSCwe96259",
              "CSCwf98681",
              "CSCwh65092"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20228",
        "datePublished": "2023-08-16T20:59:07.910Z",
        "dateReserved": "2022-10-27T18:47:50.369Z",
        "dateUpdated": "2024-08-02T09:05:35.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20228 (GCVE-0-2023-20228)

    Vulnerability from cvelistv5 – Published: 2023-08-16 20:59 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: N/A
    Create a notification for this product.
    Cisco Cisco Unified Computing System (Standalone) Affected: 3.1(1d)
    Affected: 3.1(2b)
    Affected: 3.1(2c)
    Affected: 3.1(2d)
    Affected: 3.1(2e)
    Affected: 3.1(2g)
    Affected: 3.1(2i)
    Affected: 3.1(3a)
    Affected: 3.1(3b)
    Affected: 3.1(3c)
    Affected: 3.1(3d)
    Affected: 3.1(3g)
    Affected: 3.1(3h)
    Affected: 3.1(3i)
    Affected: 3.1(3j)
    Affected: 3.1(3k)
    Affected: 4.0(1.240)
    Affected: 4.0(1a)
    Affected: 4.0(1b)
    Affected: 4.0(1c)
    Affected: 4.0(1d)
    Affected: 4.0(1e)
    Affected: 4.0(1g)
    Affected: 4.0(1h)
    Affected: 4.0(2c)
    Affected: 4.0(2d)
    Affected: 4.0(2f)
    Affected: 4.0(2g)
    Affected: 4.0(2h)
    Affected: 4.0(2i)
    Affected: 4.0(2l)
    Affected: 4.0(2n)
    Affected: 4.0(4b)
    Affected: 4.0(4c)
    Affected: 4.0(4d)
    Affected: 4.0(4e)
    Affected: 4.0(4f)
    Affected: 4.0(4h)
    Affected: 4.0(4i)
    Affected: 4.0(4k)
    Affected: 4.0(4l)
    Affected: 4.0(4m)
    Affected: 4.0(2o)
    Affected: 4.0(2p)
    Affected: 4.0(4n)
    Affected: 4.0(2q)
    Affected: 4.0(2r)
    Affected: 4.1(1c)
    Affected: 4.1(1d)
    Affected: 4.1(1f)
    Affected: 4.1(1g)
    Affected: 4.1(2a)
    Affected: 4.1(1h)
    Affected: 4.1(2b)
    Affected: 4.1(2f)
    Affected: 4.1(2e)
    Affected: 4.1(3b)
    Affected: 4.1(2d)
    Affected: 4.1(3c)
    Affected: 4.1(3d)
    Affected: 4.1(2g)
    Affected: 4.1(3f)
    Affected: 4.1(2h)
    Affected: 4.1(2j)
    Affected: 4.1(2k)
    Affected: 4.1(2l)
    Affected: 4.1(3h)
    Affected: 4.1(3i)
    Affected: 4.1(3l)
    Affected: 4.2(1a)
    Affected: 4.2(1b)
    Affected: 4.2(1c)
    Affected: 4.2(1e)
    Affected: 4.2(1f)
    Affected: 4.2(1g)
    Affected: 4.2(1i)
    Affected: 4.2(1j)
    Affected: 4.2(2a)
    Affected: 4.2(2f)
    Affected: 4.2(2g)
    Affected: 4.2(3b)
    Affected: 4.2(3d)
    Affected: 4.2(3e)
    Affected: 4.3(1.230097)
    Affected: 4.3(1.230124)
    Affected: 4.3(1.230138)
    Create a notification for this product.
    Cisco Cisco Unified Computing System E-Series Software (UCSE) Affected: 2.1.0
    Affected: 2.4.0
    Affected: 2.4.1
    Affected: 2.4.2
    Affected: 3.2.1
    Affected: 3.2.2
    Affected: 3.2.3
    Affected: 3.2.4
    Affected: 3.2.6
    Affected: 3.2.7
    Affected: 3.2.10
    Affected: 3.2.11.1
    Affected: 3.2.8
    Affected: 3.2.11.3
    Affected: 3.2.11.5
    Affected: 3.2.12.2
    Affected: 3.2.13.6
    Affected: 3.2.14
    Affected: 3.1.1
    Affected: 3.1.2
    Affected: 3.1.3
    Affected: 3.1.4
    Affected: 3.1.5
    Affected: 3.1.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 2.3.1
    Affected: 2.3.2
    Affected: 2.3.3
    Affected: 2.3.5
    Affected: 2.2.1
    Affected: 2.2.2
    Affected: 2.0.0
    Affected: 2.10
    Affected: 3.06
    Affected: 3.02
    Affected: 4.11.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:35.864Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cimc-xss-UMYtYEtr",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Computing System (Standalone)",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1(1d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2b)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2c)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2e)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2g)"
                },
                {
                  "status": "affected",
                  "version": "3.1(2i)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3a)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3b)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3c)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3d)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3g)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3h)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3i)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3j)"
                },
                {
                  "status": "affected",
                  "version": "3.1(3k)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1.240)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1b)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1e)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.0(1h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2i)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2l)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2n)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4b)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4c)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4d)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4e)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4f)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4h)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4i)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4k)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4l)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4m)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2o)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2p)"
                },
                {
                  "status": "affected",
                  "version": "4.0(4n)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2q)"
                },
                {
                  "status": "affected",
                  "version": "4.0(2r)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2a)"
                },
                {
                  "status": "affected",
                  "version": "4.1(1h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2b)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2e)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3b)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3c)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3d)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3f)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2j)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2k)"
                },
                {
                  "status": "affected",
                  "version": "4.1(2l)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3h)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3i)"
                },
                {
                  "status": "affected",
                  "version": "4.1(3l)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1a)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1b)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1c)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1e)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1f)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1g)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1i)"
                },
                {
                  "status": "affected",
                  "version": "4.2(1j)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2a)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2f)"
                },
                {
                  "status": "affected",
                  "version": "4.2(2g)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3b)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3d)"
                },
                {
                  "status": "affected",
                  "version": "4.2(3e)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230097)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230124)"
                },
                {
                  "status": "affected",
                  "version": "4.3(1.230138)"
                }
              ]
            },
            {
              "product": "Cisco Unified Computing System E-Series Software (UCSE)",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.1.0"
                },
                {
                  "status": "affected",
                  "version": "2.4.0"
                },
                {
                  "status": "affected",
                  "version": "2.4.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.4"
                },
                {
                  "status": "affected",
                  "version": "3.2.6"
                },
                {
                  "status": "affected",
                  "version": "3.2.7"
                },
                {
                  "status": "affected",
                  "version": "3.2.10"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.1"
                },
                {
                  "status": "affected",
                  "version": "3.2.8"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.3"
                },
                {
                  "status": "affected",
                  "version": "3.2.11.5"
                },
                {
                  "status": "affected",
                  "version": "3.2.12.2"
                },
                {
                  "status": "affected",
                  "version": "3.2.13.6"
                },
                {
                  "status": "affected",
                  "version": "3.2.14"
                },
                {
                  "status": "affected",
                  "version": "3.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.1.3"
                },
                {
                  "status": "affected",
                  "version": "3.1.4"
                },
                {
                  "status": "affected",
                  "version": "3.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.2"
                },
                {
                  "status": "affected",
                  "version": "2.3.3"
                },
                {
                  "status": "affected",
                  "version": "2.3.5"
                },
                {
                  "status": "affected",
                  "version": "2.2.1"
                },
                {
                  "status": "affected",
                  "version": "2.2.2"
                },
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.10"
                },
                {
                  "status": "affected",
                  "version": "3.06"
                },
                {
                  "status": "affected",
                  "version": "3.02"
                },
                {
                  "status": "affected",
                  "version": "4.11.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:58:25.643Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cimc-xss-UMYtYEtr",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cimc-xss-UMYtYEtr",
            "defects": [
              "CSCwe96259",
              "CSCwf98681",
              "CSCwh65092"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20228",
        "datePublished": "2023-08-16T20:59:07.910Z",
        "dateReserved": "2022-10-27T18:47:50.369Z",
        "dateUpdated": "2024-08-02T09:05:35.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }