HTTP: Cisco Identity Services Engine 2.2 Cross Site Scripting

This signature detects attempts to exploit a known vulnerability in Cisco Identity Services Engine 2.2 (prior to 0.913). A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target server. Successful exploitation results in the execution of arbitrary script code in the browser of users of the management interface.

Extended Description

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient sanitization of user-supplied data that is written to log files and displayed in certain web pages of the web-based management interface of an affected device. An attacker could exploit this vulnerability by convincing a user of the interface to click a specific link or view an affected log file. The injected script code may be executed in the context of the web-based management interface or allow the attacker to access sensitive browser-based information.

Affected Products

Cisco identity_services_engine_software

References

BugTraq: 106513

CVE: CVE-2018-15440

Short Name: HTTP:XSS:CISCO-ISE

Severity: Major

Recommended: True

Recommended Action: Drop

Category: HTTP

Keywords: 2.2 CVE-2018-15440 Cisco Cross Engine Identity Scripting Services Site bid:106513

Release Date: 03/13/2019

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3337

False Positive: Unknown

Vendors

Cisco

CVSS Score

4.3
