CVE-2012-6007
Published Dec 19, 2012
Last updated 12 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:7.2.110.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D4F9E21-A0AB-4E18-B3E6-13DE2206974C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:2000_wireless_lan_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65B6A979-5487-4ABF-AD66-522442D6DC38"
},
{
"criteria": "cpe:2.3:h:cisco:2100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24B6D315-BBA5-4C37-BB74-BD1ADCA77F69"
},
{
"criteria": "cpe:2.3:h:cisco:2500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52A0DE1A-D1A2-4F5A-B237-4F53892775E4"
},
{
"criteria": "cpe:2.3:h:cisco:4100_wireless_lan_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97790CF3-F428-499C-A175-1DB8380432F0"
},
{
"criteria": "cpe:2.3:h:cisco:4400_wireless_lan_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62DD77D6-9809-4B8B-A19F-1D10449C546F"
},
{
"criteria": "cpe:2.3:h:cisco:5500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEA74EC6-0B2D-441A-8DDB-FFB736D0CF56"
},
{
"criteria": "cpe:2.3:h:cisco:7500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D51BCAD1-576F-44A7-85CF-DF03363DBFAB"
},
{
"criteria": "cpe:2.3:h:cisco:8500_wireless_lan_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE9BD1C8-10F8-4BA7-A883-42384A5EC1A5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]