FKIE_CVE-2018-15434

Vulnerability from fkie_nvd - Published: 2018-10-05 14:29 - Updated: 2024-11-21 03:50
Severity ?
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
psirt@cisco.comhttp://www.securitytracker.com/id/1041791Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-uipp-7900-xssVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041791Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-uipp-7900-xssVendor Advisory
Impacted products
Vendor Product Version
cisco skinny_client_control_protocol_software 9.4\(2\)
cisco unified_ip_phones_7906g *
cisco unified_ip_phones_7911g *
cisco unified_ip_phones_7912g *
cisco unified_ip_phones_7920_multi-charger *
cisco unified_ip_phones_7921g *
cisco unified_ip_phones_7925g *
cisco unified_ip_phones_7925g-ex *
cisco unified_ip_phones_7926g *
cisco unified_ip_phones_7931g *
cisco unified_ip_phones_7940g *
cisco unified_ip_phones_7941g *
cisco unified_ip_phones_7942g *
cisco unified_ip_phones_7945g *
cisco unified_ip_phones_7960g *
cisco unified_ip_phones_7961g *
cisco unified_ip_phones_7962g *
cisco unified_ip_phones_7965g *
cisco unified_ip_phones_7975g *
cisco unified_ip_phones_conference_station_7936 *
cisco unified_ip_phones_conference_station_7937g *
cisco unified_ip_phones_expansion_module_7915 *
cisco unified_ip_phones_expansion_module_7916 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "289198C0-853A-46A4-B753-CB3944511364",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7906g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7961B727-26C5-417D-AF65-2A4344277FEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7911g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "772EB250-0863-4857-A387-7F7BE7D40656",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7912g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "099A36DF-5E83-431A-AF6C-53F03A14B358",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7920_multi-charger:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "550A069C-AA6F-4D85-BDAE-120E5DA6FC7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7921g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E204F37-D7CF-4138-86F4-63569C1E4012",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7925g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19B26761-635E-46A4-8807-4EC956B9F295",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7925g-ex:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7582269D-6927-422D-89D2-BF7574201FA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7926g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD4A1750-1760-4EFA-80D3-47EC39AFE3BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7931g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E6E8D9-7D63-4656-BF5D-FFC81B291B60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7940g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C5BDE33-C449-4880-9E28-304E1BC0A6A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7941g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D445B497-7B54-417A-B971-05BB4CCF765F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7942g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4174556C-D859-422C-A1F3-C371D129BCB1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7945g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C670F730-4430-4831-953E-04CA7B1BE30E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7960g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B997BF-50AE-4905-82ED-8DDAE3E6F824",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7961g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B388C5-2A4E-474D-8549-B5BEEA15E5BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7962g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62CCC080-4BF0-4838-9FC9-41C6C32F0686",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7965g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C58ED58-F044-4A9D-BBD6-BFA57473F3C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_7975g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77BB66F1-CAE4-4098-B486-79D9423E4FF2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_conference_station_7936:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AA88C7-F162-4686-80A9-B954996B15FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_conference_station_7937g:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC0AAD19-9F30-4970-9933-843A15F2246E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_expansion_module_7915:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EA852D-4582-4A7D-ACE2-4E5210F2DDEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phones_expansion_module_7916:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8CA87F0-183A-4B19-A83C-E9B4278DF22B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Cisco Unified IP Phone 7900 Series podr\u00eda permitir que un atacante remoto autenticado lleve a cabo un ataque Cross-Site Scripting (XSS) contra un usuario de dicha interfaz en un dispositivo afectado. La vulnerabilidad se debe a la validaci\u00f3n insuficiente de entradas de parte del usuario en la interfaz de gesti\u00f3n web. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario de la interfaz haga clic en un enlace malicioso. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz afectada o que pueda acceder a informaci\u00f3n sensible del navegador."
    }
  ],
  "id": "CVE-2018-15434",
  "lastModified": "2024-11-21T03:50:47.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:12.233",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041791"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-uipp-7900-xss"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-uipp-7900-xss"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.