CVE-2017-12349

EPSS 0.24% · P46 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-12349

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected interface or hijack a valid session ID from a user of the affected interface. Cisco Bug IDs: CSCvf71978, CSCvf71986.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Cisco UCS Central Software 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Cisco UCS Central Software是美国思科（Cisco）公司的一套对全球Cisco UCS（统一计算系统）资源进行服务器管理及监控的解决方案。 Cisco UCS Central Software中的基于Web的管理界面存在会话固定漏洞。远程攻击者可利用该漏洞从基于Web的管理界面中劫持有效的会话ID。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Cisco UCS Central Software	Cisco UCS Central Software	-

II. Public POCs for CVE-2017-12349

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-12349

Please Login to view more intelligence information

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-centralx_refsource_CONFIRM
http://www.securityfocus.com/bid/102018vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039924vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-12349

Same Patch Batch · n/a · 2017-11-30 · 56 CVEs total

CVE-2017-12359		多款Cisco产品WebEx Advanced Recording Format Player 缓冲区错误漏洞
CVE-2017-14198		Squiz Matrix 安全漏洞
CVE-2017-12370		多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞
CVE-2017-14196		Squiz Matrix File Bridge插件路径遍历漏洞
CVE-2017-12372		多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞
CVE-2017-12371		多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞
CVE-2017-14197		Squiz Matrix Matrix WYSIWYG插件跨站脚本漏洞
CVE-2017-12362		Cisco Meeting Server 安全漏洞
CVE-2017-12361		Cisco Jabber for Windows 信息泄露漏洞
CVE-2017-12360		Cisco WebEx Business Suite meeting site和Cisco WebEx Meetings site WebEx Recording Format P
CVE-2017-12363		Cisco WebEx Meeting Server 安全漏洞
CVE-2017-12358		Cisco Jabber for Windows、Mac、Android和iOS Cisco Jabber 跨站脚本漏洞
CVE-2017-12357		Cisco Unified Communications Manager 跨站脚本漏洞
CVE-2017-12356		Cisco Jabber for Windows、Mac、Android和iOS Cisco Jabber 跨站脚本漏洞
CVE-2017-12355		Cisco IOS XR Software 安全漏洞
CVE-2017-12354		Cisco Secure Access Control System 信息泄露漏洞
CVE-2017-12353		Cisco Email Security Appliance Cisco AsyncOS Software Multipurpose Internet Mail Extension
CVE-2017-12352		Cisco Application Policy Infrastructure Controller 命令注入漏洞
CVE-2017-12351		多款Cisco产品NX-OS System Software 安全漏洞
CVE-2017-12348		Cisco UCS Central Software 跨站脚本漏洞

Showing top 20 of 56 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Cisco UCS Central Software

Same vendor: n/a

Same weakness: CWE-79

V. Comments for CVE-2017-12349

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-12349

I. Basic Information for CVE-2017-12349

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-12349

III. Intelligence Information for CVE-2017-12349

Same Patch Batch · n/a · 2017-11-30 · 56 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-12349

Leave a comment