Cisco TelePresence Management Suite XSS (cisco-sa-tms-xss-kGw4DX9Y)

#TRUSTED 58f89fddc75cbb1ba03e0f948b2b90db59fafb9914a920f8f80f897a12a1cd40f8c615798f77f519a168e6624973b111b327f8c775af3ff94a44f222a97cdfa19d4429471fae50386b6852b7cba53786dfa4c074642ee17734ae33ae195cc9487adae9446745a0281609db9d2f28e3f4a23a16e45a58e7418b8c29e39a710131c38ea758cd555640bd45e0f1cd470818d95a4a01affa8d79f915de41af3c44a8d16e74673a52f0befe6a9904055ad1b0fee011d7879f5e3d217f74004768758fddf35d88e808365d5979086a3becc469ab47557cb27168fdbcfb48841769550ce9049f06adf436c023dc0e6a1d3527cc5287b911dfd783b93ae9d782ee953c5c2e0f9584d54a32363101935c569733c3a57d68286144ed5e33b653457571e0397cba5e088fcadb1fe86a4745724adde6921b2c40b52394c8455b09351cf9627735be0317edb65eac1f103925d7a9c793a0edac49b481136073ca4b05ae5f0f61e148ed764f2a1bdb0376d1463759e7a041056759384e0fc62980d5bcce9559358bbd37cc5570db3bec5533769c7dee3367807012db96252761977ff62c147f431b871602be55e4863b934c0ac575bc319c5672265a97c474f87044855f2687a6edd3c298f8e5f3b12c939a898d266009a2ace480851b440c6287c0f84c3e6381d059688353a2a98e3e305e74e03911be5e2659da2e2d73accb56ff020a54c566
#TRUST-RSA-SHA256 5b1a0234d4bdc4a57afdf709754d251e149feb951ced1bc8ae8ab79c1b7744a4d8dbc4f16742d75dcbc9cee864a3bf2d1e9f0042e89e80e41b4c54974cadff23284386cb832efa41592272003923af60df8b54ba05fe5ce3176caf584fcb5c931841c75b7fba9ed63a3c055fb3c03f1c0f07a188724354df1c80ee6eccf6323e6ce2129cb9c38db02d142cdf1e31f7369553eb236228ecd451e86fb577e6a62b1998136a2df762fcf0c62886fdebe0d5705e286c45f738cc843bc0a115c6150f9d34d5e1929a162448a3a6b87101146689723f094a773fa52f1eeff3c0ab17a037652243ad9be1972225b8c40293d40e668b4e8015e6ea597ab5af34fa43369d97c65cae48ac276a9cf82755acc8aeceffd4426d08aa0a5d1319764d6e454b74038bc2f1cac6d3b9e42317456b3145bb6fb3e10c045a944a5199f014ecfe25e4ea60d7540ff03a6732417b3337bc96ed8cb09553eff188fa56d43a7239cbbc40dddb9a3894a5d3a936544ed203883cc91496061b6692c8e0c8db82673bfbd99add706572ea9267aae62f6ddb77e136416710f507dba972f13e7be14f23760ef808d680ac2a86a2bd37f1ac6c9e5e5861b05f02dc0ae9901ae9835d7e28a8e477e8260d9e59da64390b5818f9c3351a20f3b8fd36eeac0481e5eeb2de76105b7157c026d78e2ae35faa3203670dc68c7a04a834518c7bef10cc759f6462591899
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(192944);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/04");

  script_cve_id("CVE-2024-20334");
  script_xref(name:"IAVA", value:"2024-A-0196");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwh57988");
  script_xref(name:"CISCO-SA", value:"cisco-sa-tms-xss-kGw4DX9Y");

  script_name(english:"Cisco TelePresence Management Suite XSS (cisco-sa-tms-xss-kGw4DX9Y)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco TelePresence Management Suite Cross-Site Scripting is affected by a
vulnerability.

  - A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could
    allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of
    the interface. This vulnerability is due to insufficient input validation by the web-based management
    interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data
    field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in
    the context of the affected interface or access sensitive, browser-based information. (CVE-2024-20334)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?530bce04");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh57988");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwh57988");
  script_set_attribute(attribute:"agent", value:"windows");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20334");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/04/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/05");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_management_suite");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_set_attribute(attribute:"enable_cgi_scanning", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_telepresence_management_suite_detect.nbin", "cisco_telepresence_management_suite_installed.nbin");
  script_require_keys("installed_sw/Cisco Telepresence Management Suite");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::combined_get_app_info(app:'Cisco Telepresence Management Suite');

var constraints = [{'fixed_version': '15.13.7'}];

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING,
  flags:{'xss':TRUE}
);