Advisories

Cisco IronPort Encryption Appliance Administrative Interface DOM-based Cross-site Scripting Vulnerability

Monday, February 13, 2012

Dell SecureWorks Security Advisory SWRX-2012-001

Advisory Information

Title: Cisco IronPort Encryption Appliance administrative interface DOM-based cross-site scripting vulnerability
Advisory ID: SWRX-2012-001
Date published: Monday, February 13, 2012
CVE: CVE-2012-0340
CVSS v2 base score: 4.3
Date of last update: Monday, February 13, 2012
Vendors contacted: Cisco Systems, Inc.
Release mode: Coordinated
Discovered by: Craig Lambert, Dell SecureWorks

Summary

A vulnerability exists in Cisco IronPort Encryption Appliance due to improper input validation of user-controlled input to the web-based administrative interface. User-controlled input supplied to the login page via the URL parameters/values is not properly sanitized for illegal or malicious content prior to being returned to the user in dynamically generated web content. A remote, unauthenticated attacker could exploit this vulnerability to perform DOM-based cross-site scripting (XSS) attacks, potentially resulting in the compromise of administrator sessions on the Cisco IronPort Encryption Appliance device.

Download the PDF

PGP Signature (PC Users: You may need to right click your mouse and select "Save As")

SecureWorks CTU Public Key