CNNVD-202508-3212 Information

CNNVD ID

CNNVD-202508-3212

Related CVE

CVE-2025-20296

• CNNVD Published: 2025-08-27

Description (Chinese)

Cisco UCS Manager Software是美国思科（Cisco）公司的一款设备管理软件。 Cisco UCS Manager Software存在跨站脚本漏洞，该漏洞源于输入验证不足，可能导致存储型跨站脚本攻击。

Description (English)

Cisco UCS Manager Software is an equipment management software for Cisco. Cisco UCS Manager Software had a cross-site script loophole, which stemmed from inadequate input verification and could lead to storage-type cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Citadel

Published

2025-08-27

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-xss-Ey6XhyPS https://nvd.nist.gov/vuln/detail/CVE-2025-20296 https://vigilance.fr/vulnerability/Cisco-UCS-Manager-Software-Cross-Site-Scripting-dated-27-08-2025-48068

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-xss-Ey6XhyPS