cve-2019-12668
Vulnerability from cvelistv5
Published
2019-09-25 20:16
Modified
2024-11-21 19:13
Severity ?
4.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxssVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxssVendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12668",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:56:50.374188Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:13:12.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software 3.6.0E",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-25T20:16:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190925-sbxss",
        "defect": [
          [
            "CSCvk25852"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
          "ID": "CVE-2019-12668",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software 3.6.0E",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190925-sbxss",
          "defect": [
            [
              "CSCvk25852"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12668",
    "datePublished": "2019-09-25T20:16:02.222903Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-21T19:13:12.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3A156FE-590E-49DB-819D-4103D629829D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)ea:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50CB7858-C857-41E2-9E5D-9368EEC2825E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(3\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB214EAE-AEB7-4359-AD8C-86CCC080EF96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(3\\\\)ea:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9D6FBCE-F1F0-437B-A9B0-57F717C974F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CE9B41B-B1B5-45A2-8DBE-775B1CE4F2C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)ea:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBF92BEC-AA46-46DF-8C1E-956F3E506E69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)ec:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF3C4298-7F6E-4C19-949C-EE317BB720A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F112DE64-0042-4FB9-945D-3107468193E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)ea:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE991877-18E0-4374-A441-C2316085CCA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)ex:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A472B96-0DDE-49DD-A7E3-A82DD6AEB3DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(6\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"199DCF1B-8A1E-47CC-87A6-64E6F21D8886\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(7\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6437E689-A049-4D48-AB7A-49CA7EBDE8B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.1.1\", \"versionEndExcluding\": \"16.3.8\", \"matchCriteriaId\": \"6592816B-F5E6-4DC2-B099-04DCC6220181\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.4.1\", \"versionEndExcluding\": \"16.6.5\", \"matchCriteriaId\": \"A7ABF091-4A70-453B-888D-A6D2DF5A1DEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.7.1\", \"versionEndExcluding\": \"16.8.2\", \"matchCriteriaId\": \"3022F120-FBE2-4B5D-8B09-1F1EDC37D3A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.9.1\", \"versionEndExcluding\": \"16.9.2\", \"matchCriteriaId\": \"94FDF1D1-C903-488B-ABBB-9DEFCFBE2034\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.6e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAEDC03A-CDD5-450E-9528-1DB9EC490DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.7e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BD3E067-E41B-4C8E-B5B2-C91CF7153E79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.8e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BC8D6F3-9A50-437D-B4BE-36CE4ADBC9C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.9e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13A26079-2C57-41EC-A001-3E2669963967\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.10e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFF8E8E1-215B-437E-B7EF-64F9AAFA73A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ED5527C-A638-4E20-9928-099E32E17743\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el c\\u00f3digo del framework web de los Software Cisco IOS y Cisco IOS XE, podr\\u00eda permitir a un atacante remoto autenticado realizar un ataque de tipo cross-site scripting (XSS) almacenado contra un usuario de la interfaz web del software afectado usando el par\\u00e1metro banner. La vulnerabilidad es debido a una comprobaci\\u00f3n de entrada insuficiente de los par\\u00e1metros banner que son pasados hacia el servidor web del software afectado. Un atacante podr\\u00eda explotar esta vulnerabilidad mediante el dise\\u00f1o de un par\\u00e1metro de banner y guardarlo. El atacante podr\\u00eda convencer a un usuario de la interfaz web para acceder a un enlace malicioso o podr\\u00eda interceptar una petici\\u00f3n del usuario para la interfaz web afectada e inyectar c\\u00f3digo malicioso en la petici\\u00f3n. Una explotaci\\u00f3n con \\u00e9xito podr\\u00eda permitir al atacante ejecutar c\\u00f3digo script arbitrario en el contexto de la interfaz web afectada o permitir al atacante acceder a informaci\\u00f3n confidencial basada en navegador.\"}]",
      "id": "CVE-2019-12668",
      "lastModified": "2024-11-21T04:23:19.040",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.7, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:N/I:P/A:N\", \"baseScore\": 3.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 6.8, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2019-09-25T21:15:11.577",
      "references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-12668\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2019-09-25T21:15:11.577\",\"lastModified\":\"2024-11-21T04:23:19.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el c\u00f3digo del framework web de los Software Cisco IOS y Cisco IOS XE, podr\u00eda permitir a un atacante remoto autenticado realizar un ataque de tipo cross-site scripting (XSS) almacenado contra un usuario de la interfaz web del software afectado usando el par\u00e1metro banner. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente de los par\u00e1metros banner que son pasados hacia el servidor web del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el dise\u00f1o de un par\u00e1metro de banner y guardarlo. El atacante podr\u00eda convencer a un usuario de la interfaz web para acceder a un enlace malicioso o podr\u00eda interceptar una petici\u00f3n del usuario para la interfaz web afectada e inyectar c\u00f3digo malicioso en la petici\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz web afectada o permitir al atacante acceder a informaci\u00f3n confidencial basada en navegador.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A156FE-590E-49DB-819D-4103D629829D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)ea:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50CB7858-C857-41E2-9E5D-9368EEC2825E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(3\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB214EAE-AEB7-4359-AD8C-86CCC080EF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(3\\\\)ea:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9D6FBCE-F1F0-437B-A9B0-57F717C974F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CE9B41B-B1B5-45A2-8DBE-775B1CE4F2C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)ea:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBF92BEC-AA46-46DF-8C1E-956F3E506E69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(4\\\\)ec:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF3C4298-7F6E-4C19-949C-EE317BB720A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F112DE64-0042-4FB9-945D-3107468193E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)ea:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE991877-18E0-4374-A441-C2316085CCA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(5\\\\)ex:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A472B96-0DDE-49DD-A7E3-A82DD6AEB3DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(6\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"199DCF1B-8A1E-47CC-87A6-64E6F21D8886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(7\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6437E689-A049-4D48-AB7A-49CA7EBDE8B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.1\",\"versionEndExcluding\":\"16.3.8\",\"matchCriteriaId\":\"6592816B-F5E6-4DC2-B099-04DCC6220181\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.4.1\",\"versionEndExcluding\":\"16.6.5\",\"matchCriteriaId\":\"A7ABF091-4A70-453B-888D-A6D2DF5A1DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.7.1\",\"versionEndExcluding\":\"16.8.2\",\"matchCriteriaId\":\"3022F120-FBE2-4B5D-8B09-1F1EDC37D3A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.9.1\",\"versionEndExcluding\":\"16.9.2\",\"matchCriteriaId\":\"94FDF1D1-C903-488B-ABBB-9DEFCFBE2034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.6e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAEDC03A-CDD5-450E-9528-1DB9EC490DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BD3E067-E41B-4C8E-B5B2-C91CF7153E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.8e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BC8D6F3-9A50-437D-B4BE-36CE4ADBC9C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A26079-2C57-41EC-A001-3E2669963967\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF8E8E1-215B-437E-B7EF-64F9AAFA73A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED5527C-A638-4E20-9928-099E32E17743\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\", \"name\": \"20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T23:24:39.242Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-12668\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-21T18:56:50.374188Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-21T18:58:12.248Z\"}}], \"cna\": {\"title\": \"Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability\", \"source\": {\"defect\": [[\"CSCvk25852\"]], \"advisory\": \"cisco-sa-20190925-sbxss\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 4.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software 3.6.0E\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"n/a\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-09-25T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\", \"name\": \"20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-09-25T20:16:02\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"4.8\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\"}}, \"source\": {\"defect\": [[\"CSCvk25852\"]], \"advisory\": \"cisco-sa-20190925-sbxss\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"n/a\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"Cisco IOS XE Software 3.6.0E\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss\", \"name\": \"20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-79\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-12668\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-09-25T16:00:00-0700\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-12668\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-21T19:13:12.570Z\", \"dateReserved\": \"2019-06-04T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-09-25T20:16:02.222903Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.