Cisco Ironport AsyncOS Cross Site Scripting

2015.02.25
Credit: Glafkos Charalambous
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2013-6780
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Cisco Ironport AsyncOS Cross Site Scripting Vendor: Cisco Product webpage: http://www.cisco.com Affected version(s): Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-022 Cisco Ironport SMA - AsyncOS 8.4.0-126 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2013-6780 Disclosure Timeline: 28-10-2014: Vendor Notification 28-10-2014: Vendor Response/Feedback 22-01-2015: Vendor Fix/Patch 24-02-2015: Public Disclosure Description: Cisco AsyncOS is vulnerable to unauthenticated Cross-site scripting (XSS), caused by improper validation of user supplied input in the (uploader.swf) Uploader component in Yahoo! versions 2.5.0 through 2.9.0. An attacker is able to inject arbitrary web script or HTML via the allowedDomain parameter. XSS Payload: http(s)://domain.com/yui/uploader/assets/uploader.swf?allowedDomain=\"})))}catch(e){alert('XSS');}// References: https://tools.cisco.com/bugsearch/bug/CSCur44409 https://tools.cisco.com/bugsearch/bug/CSCur89626 https://tools.cisco.com/bugsearch/bug/CSCur89624 http://yuilibrary.com/support/20131111-vulnerability/ http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6780 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6780 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) mQENBFE6TCMBCADQKVLT3xkJDQpUE6M3akJdFRWgFEy2pwoDbnOGDhw6yQYObDEuUlixRV5u xaIwzh9xPSS36B72bhQC3isHuqDu3xVhx9OX7XlLheXDZJdRbNIXQ3YPk1uYQizuoIpHq08x Eq4V2CXq7ovZPhWI6+iJt6QkVYvZXJdyoTKT8bLaFSOEfLeyAgkCQdXOgnzmNWeedxp0xGAj KL7qIhLETp/MK46ndo5hF8RIbVs59gWdu4GxXr96qViJLiAYO1dQNLc+LShMnue91neTjLoe JkpgqLfEGKV459eCJNqxlylIVbxyTmigExftZKAdNFHat0txK0fB/bLOwRnNFqYWQxanABEB AAG0KEdsYWZrb3MgQ2hhcmFsYW1ib3VzIDxnbGFma29zQGdtYWlsLmNvbT6JATgEEwECACIF AlE6TCMCGw8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEHAhLSD814yOAcoIALO6d2AQ M0l9KD9hPIody4VYOgY8stBrumI+t8njzJOYCCLdzB781vCAa0vINPFuFxGp2e8EfMfvf8+Z S6kC8EOQ6XyC8eq6imc1Q+tFMwTgykJZPFdosfXjBwg9jos/CR4dI6RZuzGC/FdXjpTAypbE n3m2a+DBb6CUPeB9nVQq6ukRGbuZ8S+veWRNFwKkTSwC0HKtf9Od+JBrLKesNa3LWLo8q7+d V3VS8rf8cmOOGBuaITzj87iRpgAgkF3MATa1Vb2nbbdYMpvHbzoj62mSqRiyEp1SOY9XkgcL 2ORsjgjww7GpH3F8LFvaHSHVz+037+E/+i/OSTS7o6gY4eI= =yiro -----END PGP SIGNATURE-----

References:

https://tools.cisco.com/bugsearch/bug/CSCur44409
https://tools.cisco.com/bugsearch/bug/CSCur89626
https://tools.cisco.com/bugsearch/bug/CSCur89624
http://yuilibrary.com/support/20131111-vulnerability/
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6780


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top