HTTP: Cisco IOS HTTP Service HTML Injection Vulnerability

This signature detects attempts to exploit a known vulnerability in the Cisco IOS HTTP service. A successful attack can result in a denial-of-service condition.

Extended Description

Cisco IOS HTTP service is prone to an HTML-injection vulnerability. An attacker can submit malicious HTML and script code through the '/level/15/exec/-/buffers/assigned' and '/level/15/exec/-/buffers/all' scripts. This code may run in the browser of an administrator when they attempt to view the contents of memory buffers through the vulnerable scripts of the HTTP service. IOS 11.0 through 12.4 are affected. IOS XR is not vulnerable. This issue is documented by Cisco Bug ID CSCsc64976. NOTE: Since this is an HTML-injection vulnerability that targets users of the IOS web interface, devices with the HTTP service disabled are not affected.

Affected Products

Cisco IOS

References

BugTraq: 15602

CVE: CVE-2005-3921

Short Name
HTTP:CISCO:IOS-HTML-INJ
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-3921 Cisco HTML HTTP IOS Injection Service Vulnerability bid:15602
Release Date
09/15/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Cisco

CVSS Score

2.6
