2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2010-2986" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2010-08-10T12:23:06.270" ,
2025-04-11 02:06:08 +00:00
"lastModified" : "2025-04-11T00:51:21.963" ,
"vulnStatus" : "Deferred" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en webacs/QuickSearchAction.do de la opci\u00f3n de b\u00fasqueda del interfaz web de Cisco Wireless Control System (WCS) anterior a v6.0(194.0) y v7.x anterior a v7.0.164, permite a atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s del par\u00e1metro searchText, tambi\u00e9n conocido como Bug ID CSCtf14288."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N" ,
2024-11-22 11:14:00 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "PARTIAL" ,
2024-11-22 11:14:00 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "6.0.188.0" ,
"matchCriteriaId" : "3F9C754F-C126-4363-A965-49205D92F300"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:3.2.78.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "357C618B-DF8F-4FB4-9C49-491852677984"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.0.155.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F7D1D2FC-0C61-48E0-9BEF-A9770C4BF5E0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1C92C153-0AA1-47C9-B4F0-6823F0B32F97"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.83.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "47C0B1E8-1C88-476C-88A1-2BA50BDCA851"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.91.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3800664A-0AA1-46CD-A73D-8D734378DFF6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.171.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DA186C0A-32C3-41F4-AF67-D3CB17DBC88F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.191.xm:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "437151E2-6368-448C-9313-5D2F8BC02C21"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.35m:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "254E4172-E08A-41A6-A6D8-7112CAD318A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.xm:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "451A2C64-84A0-4400-A1D4-843BCD10D5FA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "12EA9C01-D568-4A01-A8F8-C194EC026035"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D3B6F52-F023-43F0-A544-65807B52495C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.81.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5FAC9C22-67D4-44E2-BCA4-FF337CFCE300"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.97.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C0F1F07C-A281-4262-92CA-C8D26CB658E1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.110.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D5DEF5A-2E45-478A-A9F7-34C6D1F37F6B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.128.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "44941345-6298-4B0A-B549-480DCD2E6FFA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.130.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "54575431-6C23-4D41-9CA2-768F39714009"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.173.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0CC84854-3970-454D-8B05-C0E6A15BFE6B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.176.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "31A29A50-CDEC-4CC1-BFAF-ED4EC38AF650"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:4.2.209.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A18F6F25-62F5-4069-B1F5-9EB5FAA43225"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BA249E97-D24E-4507-8E29-394DA6066EB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CA3F6111-E9D4-49FD-A2A9-35CB1B9F809E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.0.148.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "21DF8062-4D11-492E-9F70-8BB327609D6F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.1.64.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B4BA5AE-1BB4-406A-AF28-561FB218C391"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.1.65.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D7C02398-E3D8-4180-B07E-258754040D36"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.1.151.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "99056BCC-2B32-4F2F-AE0C-0678A7753887"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.2.110.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B38484C0-8EB6-4FAE-A22D-3BE0D8602DED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.2.125.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "726692A7-0F47-47B9-A04E-B31F0BD73F12"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.2.130.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4BBADB1E-8C44-4854-A3ED-557744C3B393"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.2.148.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "83C38FE7-C60F-476F-9704-22E6C4D6B181"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:5.2.157.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8EC815C0-276A-44DA-9A2E-453D86923874"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "13E52795-7C27-4E3B-ABDC-549AC9728B55"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:6.0.132.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E8486474-1D58-4165-92A7-AB9079B8A9B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:6.0.170.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D5A7438-651D-4080-B587-EBAEBA0098F1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:6.0.181.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E09E8ADF-0D0C-493C-B2A8-58DF6F725E45"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:6.0.182.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "41489DF2-0A3B-4A5D-A296-03BCE07F5220"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "09379903-D1CB-424A-BCBC-2FA88FA826FE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:wireless_control_system_software:7.0.98.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BBFC4BDD-CF79-4B1E-B3B6-BF82A74B0ECA"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/40827" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/512878/100/0/threaded" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/bid/42216" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Exploit"
]
2024-11-22 11:14:00 +00:00
} ,
{
"url" : "http://secunia.com/advisories/40827" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/512878/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/42216" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit"
]
2023-04-24 12:24:31 +02:00
}
]
}
