A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.
{"id": "CVE-2022-20815", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2022-20815", "description": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.", "published": "2022-07-06T21:15:00", "modified": "2022-07-14T17:02:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20815", "reporter": "psirt@cisco.com", "references": ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA"], "cvelist": ["CVE-2022-20815"], "immutableFields": [], "lastseen": "2022-07-14T18:28:43", "viewCount": 11, "enchantments": {"twitter": {"counter": 5, "tweets": [{"link": "https://twitter.com/threatintelctr/status/1544799168409075713", "text": " NEW: CVE-2022-20815 A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Co... (click for more) https://t.co/ozuBWpwbat", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}, {"link": "https://twitter.com/CVEnew/status/1544814742904111109", "text": "CVE-2022-20815 A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Ser... 
https://t.co/6iqKKISzxj", "author": "CVEnew", "author_photo": "https://pbs.twimg.com/profile_images/1447927972393111557/PQRMlVvZ_400x400.jpg"}, {"link": "https://twitter.com/VulmonFeeds/status/1544815028544602113", "text": "CVE-2022-20815\n\nA vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communicat...\n\nhttps://t.co/arFUudDIs5", "author": "VulmonFeeds", "author_photo": "https://pbs.twimg.com/profile_images/945758793161498625/67b3PEYK_400x400.jpg"}, {"link": "https://twitter.com/threatintelctr/status/1547630326037458947", "text": " NEW: CVE-2022-20815 A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Co... (click for more) Severity: MEDIUM https://t.co/ozuBWpezLT", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}]}, "score": {"value": 3.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "cisco", "idList": ["CISCO-SA-CUCM-XSS-KSKD5YFA"]}, {"type": "nessus", "idList": ["CISCO-SA-CUCM-XSS-KSKD5YFA.NASL", "CISCO-SA-CUCM-XSS-KSKD5YFA_IMP.NASL"]}]}, "vulnersScore": 3.6}, "_state": {"twitter": 1657823600, "score": 1660017089, "dependencies": 1660016946}, "_internal": {"score_hash": "96a7ec1efc0be2f2bc9bfec677aa3973"}, "cna_cvss": {"cna": "Cisco Systems, Inc.", "cvss": {"3": {"vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "score": 6.1}}}, "cpe": [], "cpe23": [], "cwe": ["CWE-79"], "affectedSoftware": [{"cpeName": "cisco:unified_communications_manager_im_and_presence_service", "version": "12.5\\(1\\)su6", "operator": "lt", "name": "cisco unified communications manager im and presence service"}, {"cpeName": "cisco:unified_communications_manager_im_and_presence_service", "version": "11.5\\(1\\)su11", 
"operator": "lt", "name": "cisco unified communications manager im and presence service"}, {"cpeName": "cisco:unified_communications_manager_im_and_presence_service", "version": "14.0su2", "operator": "lt", "name": "cisco unified communications manager im and presence service"}, {"cpeName": "cisco:unified_communications_manager", "version": "14su2", "operator": "lt", "name": "cisco unified communications manager"}, {"cpeName": "cisco:unified_communications_manager", "version": "14su2", "operator": "lt", "name": "cisco unified communications manager"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su6:*:*:*:*:*:*:*", "versionStartIncluding": "12.5\\(1\\)", "versionEndExcluding": "12.5\\(1\\)su6", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\)su11:*:*:*:*:*:*:*", "versionStartIncluding": "11.5\\(1\\)", "versionEndExcluding": "11.5\\(1\\)su11", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0su2:*:*:*:*:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14.0su2", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:14su2:*:*:*:session_management:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14su2", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:14su2:*:*:*:*:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14su2", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA", "name": "20220706 Cisco Unified Communications Products Cross-Site Scripting Vulnerability", 
"refsource": "CISCO", "tags": ["Vendor Advisory"]}]}
{"cisco": [{"lastseen": "2022-07-06T16:56:01", "description": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\n\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.\n\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA\"]", "cvss3": {}, "published": "2022-07-06T16:00:00", "type": "cisco", "title": "Cisco Unified Communications Products Cross-Site Scripting Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-20815"], "modified": "2022-07-06T16:00:00", "id": "CISCO-SA-CUCM-XSS-KSKD5YFA", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA", "cvss": {"score": 6.1, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "nessus": [{"lastseen": "2022-08-11T14:49:20", "description": "The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is 11.5(1) prior to 11.5(1)SU11, 12.5(1) prior to 12.5(1)SU6 or 14 prior to 14SU2. 
It is, therefore, affected by a cross-site scripting vulnerability (XSS) in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user, execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20815"], "modified": "2022-07-14T00:00:00", "cpe": ["cpe:/a:cisco:unified_communications_manager_im_and_presence_service"], "id": "CISCO-SA-CUCM-XSS-KSKD5YFA_IMP.NASL", "href": "https://www.tenable.com/plugins/nessus/163101", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163101);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/14\");\n\n script_cve_id(\"CVE-2022-20815\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvy16646\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-cucm-xss-ksKd5yfA\");\n script_xref(name:\"IAVA\", value:\"2022-A-0266\");\n\n script_name(english:\"Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is 11.5(1)\nprior to 11.5(1)SU11, 12.5(1) prior to 12.5(1)SU6 or 14 prior to 14SU2. 
It is, therefore affect by a cross-site\nscripting vulnerability (XSS) in the web-based management interface. An unauthenticated remote attacker can, with the\naction of an authorized user, execute arbitrary script code in the context of the affected interface or access\nsensitive browser-based information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?10275420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy16646\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvy16646\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20815\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:unified_communications_manager_im_and_presence_service\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_cucm_imp_detect.nbin\");\n script_require_keys(\"installed_sw/Cisco Unified CM IM&P\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app_info = vcf::get_app_info(app:'Cisco Unified CM IM&P');\n\nvar constraints = [\n # https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/11_5_1/SU9/cucm_b_release-notes-cucmimp-1151su9/cucm_m_about-this-release.html\n {'min_version': '11.5.1', 'fixed_version': '11.5.1.23900.3', 'fixed_display': '11.5(1)SU11'},\n # cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/12_5_1/SU6/cucm_b_release-notes-for-cucm-imp-1251su6.html\n {'min_version': '12.5.1', 'fixed_version': '12.5.1.16900.48', 'fixed_display': '12.5(1)SU6'},\n # https://software.cisco.com/download/home/286328299/type/282074312/release/14SU2\n {'min_version': '14.0', 'fixed_version': '14.0.1.12900.6', 'fixed_display': '14SU2'},\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{'xss':TRUE});\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-11T14:49:00", "description": "The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. 
An unauthenticated remote attacker can, with the action of an authorized user, execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20815"], "modified": "2022-07-14T00:00:00", "cpe": ["cpe:/a:cisco:unified_communications_manager"], "id": "CISCO-SA-CUCM-XSS-KSKD5YFA.NASL", "href": "https://www.tenable.com/plugins/nessus/163102", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163102);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/14\");\n\n script_cve_id(\"CVE-2022-20815\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvy16646\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvy52029\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvy60442\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-cucm-xss-ksKd5yfA\");\n script_xref(name:\"IAVA\", value:\"2022-A-0266\");\n\n script_name(english:\"Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is,\ntherefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. 
An\nunauthenticated remote attacker can, with the action of an authorized user, execute arbitrary script code in the\ncontext of the affected interface or access sensitive browser-based information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?10275420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy16646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy52029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy60442\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvy16646, CSCvy52029, CSCvy60442\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20815\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/a:cisco:unified_communications_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ucm_detect.nbin\");\n script_require_keys(\"Host/Cisco/CUCM/Version\", \"Host/Cisco/CUCM/Version_Display\");\n\n exit(0);\n}\n\ninclude('ccf.inc');\n\nvar product_info = cisco::get_product_info(name:'Cisco Unified Communications Manager');\n\nvar vuln_ranges = [\n# https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/14_0_1/SU2/cucm_b_release-notes-for-cucm-imp-14su2.html\n { 'min_ver' : '14.0', 'fix_ver' : '14.0.1.12900.161'}\n];\n\nvar reporting = make_array(\n 'port', 0,\n 'severity', SECURITY_WARNING,\n 'version', product_info['display_version'],\n 'bug_id', 'CSCvy16646, CSCvy52029, CSCvy60442',\n 'fix', '14SU2',\n 'disable_caveat', TRUE,\n 'xss', TRUE\n);\n\ncisco::check_and_report(\n product_info:product_info,\n reporting:reporting,\n vuln_ranges:vuln_ranges\n);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}