Cisco Common Services Platform Collector(CSPC)是美国思科(Cisco)公司的一款通用服务平台数据收集器。该产品通过轮询思科设备的基本库存和配置数据分析网络性能,并识别风险和漏洞。
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20666
危害级别:中
漏洞类型:通用型漏洞
影响产品:Cisco Common Services Platform Collector >=2.9,<=2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20667
危害级别:中
漏洞类型:通用型漏洞
影响产品:Cisco Common Services Platform Collector >=2.9,<=2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20672
危害级别:中
漏洞类型:通用型漏洞
影响产品:
Cisco Common Services Platform Collector <=2.9
Cisco Common Services Platform Collector 2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
参考:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20672
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20671
危害级别:中
漏洞类型:通用型漏洞
影响产品:
Cisco Common Services Platform Collector <=2.9
Cisco Common Services Platform Collector 2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
参考:https://nvd.nist.gov/vuln/detail/CVE-2022-20671
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector 2.9到2.10版本存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20673
危害级别:中
漏洞类型:通用型漏洞
影响产品:Cisco Common Services Platform Collector >=2.9,<=2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjh
参考:https://nvd.nist.gov/vuln/detail/CVE-2022-20673
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector 2.10.0.2之前版本存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20670
危害级别:中
漏洞类型:通用型漏洞
影响产品:Cisco Common Services Platform Collector <2.10.0.2
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
参考:https://nvd.nist.gov/vuln/detail/CVE-2022-20670
Cisco Common Services Platform Collector跨站脚本漏洞
Cisco Common Services Platform Collector 2.9到2.10版本存在跨站脚本漏洞,攻击者可利用该漏洞在界面上下文中执行任意脚本代码或访问基于浏览器的敏感信息。
CVE ID:CVE-2022-20674
危害级别:中
漏洞类型:通用型漏洞
影响产品:Cisco Common Services Platform Collector >=2.9,<=2.10
漏洞解决方案:厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb
参考:https://nvd.nist.gov/vuln/detail/CVE-2022-20674
点个关注:
原文始发于微信公众号(漏洞更新):Cisco Common Services Platform Collector 漏洞
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论