Lucene search

CiscoCISCO-SA-20070315-CVE-2007-1467

HistoryMar 15, 2007 - 8:15 p.m.

Cisco Online Help System Cross-Site Scripting Vulnerability

2007-03-1520:15:47

tools.cisco.com

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.012 Low

EPSS

Percentile

84.9%

JSON

Multiple Cisco products contain a vulnerability in the Online Help System that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks.

This vulnerability exists because the search feature of the web-based Online Help System interface fails to sufficiently filter user-supplied input. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to follow a crafted link. This action could allow the attacker to execute arbitrary code in a user’s browser in the context of the affected site. An exploit could allow the attacker to access sensitive browser information or take actions on the affected site as the targeted user.

Cisco confirmed this vulnerability in a security response and issued
approved workarounds.

Attackers cannot exploit this vulnerability directly; instead, they must convince a user to follow a crafted link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site, which may permit the attacker to access confidential browser information or take actions on the affected site as the user. In some related applications, an attacker may make configuration changes on an affected system with the privileges of the targeted user. This vector may require a targeted user to authenticate to an administration interface before an exploit can occur.

Because many of the affected products may be considered valuable assets, this vulnerability could draw the attention of attackers that are invested in corporate
espionage. The ability to access a competitor’s datastream, network, or VoIP telephone system are choice outcomes for individuals that deal in stolen information.

Administrators are strongly encouraged not to follow unsolicited links while performing maintenance tasks on any of the affected systems. Administrators should also ensure that they log out after the completion of an administration session to ensure that valid authentication cookies do not remain on administrator workstations.

CPENameOperatorVersion
cisco secure access control system (acs)eqany
cisco vpn client for windowseqany
ciscoworks wireless lan solution engine (wlse)eqany
cisco catalyst 6500 network analysis module (nam)eqany
cisco 7600 series router network analysis module (nam)eqany
ciscoworks common services (cs)eqany
cisco secure access control server solution engine (acse)eqany
cisco wireless control system (wcs) softwareeqany
cisco wireless lan controller (wlc)eq4.0
cisco wireless lan controller (wlc)eq3.2

Name	Operator	Version
cisco secure access control system (acs)	eq	any
cisco vpn client for windows	eq	any
ciscoworks wireless lan solution engine (wlse)	eq	any
cisco catalyst 6500 network analysis module (nam)	eq	any
cisco 7600 series router network analysis module (nam)	eq	any
ciscoworks common services (cs)	eq	any
cisco secure access control server solution engine (acse)	eq	any
cisco wireless control system (wcs) software	eq	any
cisco wireless lan controller (wlc)	eq	4.0
cisco wireless lan controller (wlc)	eq	3.2

Rows per page:

1-10 of 501

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20070315-CVE-2007-1467

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CISCO-SA-20070315-CVE-2007-1467