{ "id": "CVE-2010-2986", "sourceIdentifier": "cve@mitre.org", "published": "2010-08-10T12:23:06.270", "lastModified": "2025-04-11T00:51:21.963", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288." }, { "lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en webacs/QuickSearchAction.do de la opci\u00f3n de b\u00fasqueda del interfaz web de Cisco Wireless Control System (WCS) anterior a v6.0(194.0) y v7.x anterior a v7.0.164, permite a atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s del par\u00e1metro searchText, tambi\u00e9n conocido como Bug ID CSCtf14288." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "baseScore": 4.3, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-79" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.0.188.0", "matchCriteriaId": "3F9C754F-C126-4363-A965-49205D92F300" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:3.2.78.0:*:*:*:*:*:*:*", "matchCriteriaId": "357C618B-DF8F-4FB4-9C49-491852677984" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.0.155.5:*:*:*:*:*:*:*", "matchCriteriaId": "F7D1D2FC-0C61-48E0-9BEF-A9770C4BF5E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C92C153-0AA1-47C9-B4F0-6823F0B32F97" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.83.0:*:*:*:*:*:*:*", "matchCriteriaId": "47C0B1E8-1C88-476C-88A1-2BA50BDCA851" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.91.0:*:*:*:*:*:*:*", "matchCriteriaId": "3800664A-0AA1-46CD-A73D-8D734378DFF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.171.0:*:*:*:*:*:*:*", "matchCriteriaId": "DA186C0A-32C3-41F4-AF67-D3CB17DBC88F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.191.xm:*:*:*:*:*:*:*", "matchCriteriaId": "437151E2-6368-448C-9313-5D2F8BC02C21" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.35m:*:*:*:*:*:*:*", "matchCriteriaId": "254E4172-E08A-41A6-A6D8-7112CAD318A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.xm:*:*:*:*:*:*:*", "matchCriteriaId": "451A2C64-84A0-4400-A1D4-843BCD10D5FA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.0:*:*:*:*:*:*:*", "matchCriteriaId": "12EA9C01-D568-4A01-A8F8-C194EC026035" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.11:*:*:*:*:*:*:*", "matchCriteriaId": "2D3B6F52-F023-43F0-A544-65807B52495C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.81.0:*:*:*:*:*:*:*", "matchCriteriaId": "5FAC9C22-67D4-44E2-BCA4-FF337CFCE300" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.97.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0F1F07C-A281-4262-92CA-C8D26CB658E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.110.0:*:*:*:*:*:*:*", "matchCriteriaId": "2D5DEF5A-2E45-478A-A9F7-34C6D1F37F6B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.128.0:*:*:*:*:*:*:*", "matchCriteriaId": "44941345-6298-4B0A-B549-480DCD2E6FFA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.130.0:*:*:*:*:*:*:*", "matchCriteriaId": "54575431-6C23-4D41-9CA2-768F39714009" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.173.0:*:*:*:*:*:*:*", "matchCriteriaId": "0CC84854-3970-454D-8B05-C0E6A15BFE6B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.176.0:*:*:*:*:*:*:*", "matchCriteriaId": "31A29A50-CDEC-4CC1-BFAF-ED4EC38AF650" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.209.0:*:*:*:*:*:*:*", "matchCriteriaId": "A18F6F25-62F5-4069-B1F5-9EB5FAA43225" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA249E97-D24E-4507-8E29-394DA6066EB1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA3F6111-E9D4-49FD-A2A9-35CB1B9F809E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.148.0:*:*:*:*:*:*:*", "matchCriteriaId": "21DF8062-4D11-492E-9F70-8BB327609D6F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.64.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B4BA5AE-1BB4-406A-AF28-561FB218C391" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.65.4:*:*:*:*:*:*:*", "matchCriteriaId": "D7C02398-E3D8-4180-B07E-258754040D36" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.151.0:*:*:*:*:*:*:*", "matchCriteriaId": "99056BCC-2B32-4F2F-AE0C-0678A7753887" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.110.0:*:*:*:*:*:*:*", "matchCriteriaId": "B38484C0-8EB6-4FAE-A22D-3BE0D8602DED" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.125.0:*:*:*:*:*:*:*", "matchCriteriaId": "726692A7-0F47-47B9-A04E-B31F0BD73F12" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.130.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BBADB1E-8C44-4854-A3ED-557744C3B393" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.148.0:*:*:*:*:*:*:*", "matchCriteriaId": "83C38FE7-C60F-476F-9704-22E6C4D6B181" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.157.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EC815C0-276A-44DA-9A2E-453D86923874" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "13E52795-7C27-4E3B-ABDC-549AC9728B55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.132.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8486474-1D58-4165-92A7-AB9079B8A9B8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.170.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D5A7438-651D-4080-B587-EBAEBA0098F1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.181.0:*:*:*:*:*:*:*", "matchCriteriaId": "E09E8ADF-0D0C-493C-B2A8-58DF6F725E45" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.182.0:*:*:*:*:*:*:*", "matchCriteriaId": "41489DF2-0A3B-4A5D-A296-03BCE07F5220" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "09379903-D1CB-424A-BCBC-2FA88FA826FE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0.98.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBFC4BDD-CF79-4B1E-B3B6-BF82A74B0ECA" } ] } ] } ], "references": [ { "url": "http://secunia.com/advisories/40827", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/42216", "source": "cve@mitre.org" }, { "url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "http://secunia.com/advisories/40827", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/42216", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ] } ] }