{"containers": {"cna": {"affected": [{"product": "Cisco IOS XE Software 3.6.0E", "vendor": "Cisco", "versions": [{"lessThan": "n/a", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-09-25T20:16:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"}], "source": {"advisory": "cisco-sa-20190925-sbxss", "defect": [["CSCvk25852"]], "discovery": "INTERNAL"}, "title": "Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-09-25T16:00:00-0700", "ID": "CVE-2019-12668", "STATE": "PUBLIC", "TITLE": "Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS XE Software 3.6.0E", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "4.8", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79"}]}]}, "references": {"reference_data": [{"name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"}]}, "source": {"advisory": "cisco-sa-20190925-sbxss", "defect": [["CSCvk25852"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:24:39.242Z"}, "title": "CVE Program Container", "references": [{"name": "20190925 Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-21T18:56:50.374188Z", "id": "CVE-2019-12668", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-21T19:13:12.570Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-12668", "datePublished": "2019-09-25T20:16:02.222903Z", "dateReserved": "2019-06-04T00:00:00", "dateUpdated": "2024-11-21T19:13:12.570Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "D3A156FE-590E-49DB-819D-4103D629829D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ea:*:*:*:*:*:*:*", "matchCriteriaId": "50CB7858-C857-41E2-9E5D-9368EEC2825E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "BB214EAE-AEB7-4359-AD8C-86CCC080EF96", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)ea:*:*:*:*:*:*:*", "matchCriteriaId": "A9D6FBCE-F1F0-437B-A9B0-57F717C974F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "2CE9B41B-B1B5-45A2-8DBE-775B1CE4F2C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ea:*:*:*:*:*:*:*", "matchCriteriaId": "BBF92BEC-AA46-46DF-8C1E-956F3E506E69", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)ec:*:*:*:*:*:*:*", "matchCriteriaId": "DF3C4298-7F6E-4C19-949C-EE317BB720A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "F112DE64-0042-4FB9-945D-3107468193E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ea:*:*:*:*:*:*:*", "matchCriteriaId": "BE991877-18E0-4374-A441-C2316085CCA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)ex:*:*:*:*:*:*:*", "matchCriteriaId": "7A472B96-0DDE-49DD-A7E3-A82DD6AEB3DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "199DCF1B-8A1E-47CC-87A6-64E6F21D8886", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "6437E689-A049-4D48-AB7A-49CA7EBDE8B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "6592816B-F5E6-4DC2-B099-04DCC6220181", "versionEndExcluding": "16.3.8", "versionStartIncluding": "16.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7ABF091-4A70-453B-888D-A6D2DF5A1DEF", "versionEndExcluding": "16.6.5", "versionStartIncluding": "16.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "3022F120-FBE2-4B5D-8B09-1F1EDC37D3A9", "versionEndExcluding": "16.8.2", "versionStartIncluding": "16.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "matchCriteriaId": "94FDF1D1-C903-488B-ABBB-9DEFCFBE2034", "versionEndExcluding": "16.9.2", "versionStartIncluding": "16.9.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.6e:*:*:*:*:*:*:*", "matchCriteriaId": "CAEDC03A-CDD5-450E-9528-1DB9EC490DAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7e:*:*:*:*:*:*:*", "matchCriteriaId": "3BD3E067-E41B-4C8E-B5B2-C91CF7153E79", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.8e:*:*:*:*:*:*:*", "matchCriteriaId": "5BC8D6F3-9A50-437D-B4BE-36CE4ADBC9C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9e:*:*:*:*:*:*:*", "matchCriteriaId": "13A26079-2C57-41EC-A001-3E2669963967", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10e:*:*:*:*:*:*:*", "matchCriteriaId": "FFF8E8E1-215B-437E-B7EF-64F9AAFA73A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to insufficient input validation of the banner parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by crafting a banner parameter and saving it. The attacker could then convince a user of the web interface to access a malicious link or could intercept a user request for the affected web interface and inject malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information."}, {"lang": "es", "value": "Una vulnerabilidad en el c\u00f3digo del framework web de los Software Cisco IOS y Cisco IOS XE, podr\u00eda permitir a un atacante remoto autenticado realizar un ataque de tipo cross-site scripting (XSS) almacenado contra un usuario de la interfaz web del software afectado usando el par\u00e1metro banner. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente de los par\u00e1metros banner que son pasados hacia el servidor web del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el dise\u00f1o de un par\u00e1metro de banner y guardarlo. El atacante podr\u00eda convencer a un usuario de la interfaz web para acceder a un enlace malicioso o podr\u00eda interceptar una petici\u00f3n del usuario para la interfaz web afectada e inyectar c\u00f3digo malicioso en la petici\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz web afectada o permitir al atacante acceder a informaci\u00f3n confidencial basada en navegador."}], "id": "CVE-2019-12668", "lastModified": "2019-10-09T23:46:01.810", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-25T21:15:11.577", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sbxss"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}