Lucene search
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-20191016-VCS-XSS.NASLHistoryOct 25, 2019 - 12:00 a.m.
Cisco TelePresence VCS / Expressway 12.5.x < 12.5.4 XSS
2019-10-2500:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
51.6%
According to its self-reported version, the Cisco TelePresence Video Communication Server (VCS) / Expressway running on the remote host is 12.5.x prior to 12.5.4. It is, therefore, affected by a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user’s browser session.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#TRUSTED 8a8c35e9a9faf5240cf45a065e5e74e0639ec0db4eab8848842981770bb4d9902d0852887033e04e65a311fd00d1a65b93cebb519692136725ab3e72cf1ffec8845edb9d1ffea13714926560de3c839ef2beb3d959946cb781ade0079ea0166145c7c45bfd683f680d3c0f301a8e069f970d29a0510e64b7379073bca301aacfb55a52aa3d3b548c1f2e918c0584b93470c56ce57f2ea2eea3808f3ebe40ad378ba45c77754ccfaf6ddcdd3a9c02a5bd3de59786ee5bffdec532cc7040f5f1edce46a2b0442ecd4b4a51251e6e831fa041fe98d692bb3255da2b63b961051e6e89497825e7f0c4c742cae79e91c2ae3b371929f5734f800e705c897e969d334b06c97996d903baf58d630b0799981cfba7eee8780a11d705ffbd12e00eae74083f2de270f7d467c178529d1c2e2864862302e2f6f6755ae4d94f54375756936b011e01000c02daf1611019b9fe390a1c51d57da684f4aa42a13bf814e9311192dfe9727d5d2398c1deca809e5496fa0fa3b395dfb66679b8945b72ced1d8e4bd2352a0b1143106ff4e53baa4615164b0fc815b4604c79c603d3f4830ea414f06c1b61de28de1eba189c9171036f007502fefe4cb2fff4fadb2fdca5388d03deb7d8179ed9978856b56637d52b7457a5d6b9981e10d20463ba2dbb27e7c4c893e8575f6176eaddfa2f327a6a73bc5d552636cf7692f9e78941ed6f69b8b20a890
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(130258);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2019-12705");
script_xref(name:"CISCO-BUG-ID", value:"CSCvq09300");
script_xref(name:"CISCO-SA", value:"cisco-sa-20191016-vcs-xss");
script_xref(name:"IAVA", value:"2019-A-0389-S");
script_name(english:"Cisco TelePresence VCS / Expressway 12.5.x < 12.5.4 XSS");
script_set_attribute(attribute:"synopsis", value:
"A video conferencing application running on the remote host is affected by a cross-site scripting vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Cisco TelePresence Video Communication Server (VCS) / Expressway running
on the remote host is 12.5.x prior to 12.5.4. It is, therefore, affected by a cross-site scripting (XSS) vulnerability
due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can
exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's
browser session.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-vcs-xss
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7822cce9");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq09300");
script_set_attribute(attribute:"solution", value:
"Upgrade to Cisco TelePresence VCS / Expressway version 12.5.4 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-12705");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/16");
script_set_attribute(attribute:"patch_publication_date", value:"2019/10/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/25");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_video_communication_server");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_video_communication_server");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_video_communication_server_software");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:expressway_software");
script_set_attribute(attribute:"stig_severity", value:"II");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_telepresence_video_communication_server_detect.nbin");
script_require_keys("Cisco/TelePresence_VCS/Version");
exit(0);
}
include('audit.inc');
include('cisco_workarounds.inc');
include('ccf.inc');
product_info = cisco::get_product_info(name:'Cisco TelePresence VCS');
vuln_ranges = [{ 'min_ver' : '12.5', 'fix_ver' : '12.5.4' }];
reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCvq09300',
'disable_caveat', TRUE
);
cisco::check_and_report(product_info:product_info, reporting:reporting, vuln_ranges:vuln_ranges);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_video_communication_server | cpe:/h:cisco:telepresence_video_communication_server | |
| cisco | telepresence_video_communication_server | cpe:/a:cisco:telepresence_video_communication_server | |
| cisco | telepresence_video_communication_server_software | cpe:/a:cisco:telepresence_video_communication_server_software | |
| cisco | expressway_software | cpe:/a:cisco:expressway_software |
Related
cve
cve
CVE-2019-12705
2019-10-16 19:15:11
cvelist
cvelist
nvd
nvd
CVE-2019-12705
2019-10-16 19:15:11
symantec
symantec
prion
prion
Cross site scripting
2019-10-16 19:15:00
cisco
cisco
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
51.6%
Related for CISCO-SA-20191016-VCS-XSS.NASL