Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-CUCM-XSS-KSKD5YFA.NASL
HistoryJul 14, 2022 - 12:00 a.m.

Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)

2022-07-1400:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user, execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(163102);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/07/14");

  script_cve_id("CVE-2022-20815");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvy16646");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvy52029");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvy60442");
  script_xref(name:"CISCO-SA", value:"cisco-sa-cucm-xss-ksKd5yfA");
  script_xref(name:"IAVA", value:"2022-A-0266");

  script_name(english:"Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is,
therefore affect by a cross-site scripting vulnerability (XSS) in the web-based management interface. An
unauthenticated remote attacker can, with the action of an authorized user, execute arbitrary script code in the
context of the affected interface or access sensitive browser-based information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?10275420");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy16646");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy52029");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy60442");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvy16646, CSCvy52029, CSCvy60442");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-20815");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(79);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/07/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/07/14");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_communications_manager");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ucm_detect.nbin");
  script_require_keys("Host/Cisco/CUCM/Version", "Host/Cisco/CUCM/Version_Display");

  exit(0);
}

include('ccf.inc');

var product_info = cisco::get_product_info(name:'Cisco Unified Communications Manager');

var vuln_ranges = [
# https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/14_0_1/SU2/cucm_b_release-notes-for-cucm-imp-14su2.html
  { 'min_ver' : '14.0',  'fix_ver' : '14.0.1.12900.161'}
];

var reporting = make_array(
  'port', 0,
  'severity', SECURITY_WARNING,
  'version', product_info['display_version'],
  'bug_id', 'CSCvy16646, CSCvy52029, CSCvy60442',
  'fix', '14SU2',
  'disable_caveat', TRUE,
  'xss', TRUE
);

cisco::check_and_report(
  product_info:product_info,
  reporting:reporting,
  vuln_ranges:vuln_ranges
);
VendorProductVersionCPE
ciscounified_communications_managercpe:/a:cisco:unified_communications_manager

Related

nessus 1
cve 1
cisco 1
prion 1
nessus
nessus
Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)
2022-07-14 00:00:00
cve
cve
CVE-2022-20815
2022-07-06 21:15:00
cisco
cisco
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
2022-07-06 16:00:00
prion
prion
Cross site scripting
2022-07-06 21:15:00
JSON
Related for CISCO-SA-CUCM-XSS-KSKD5YFA.NASL
nessus1cve1cisco1prion1