Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6007

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-6007
Last Modified 30 Jan 2013 12:00:00
Published 19 Dec 2012 06:56:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-6007

Summary

Cross-site scripting (XSS) vulnerability in screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to inject arbitrary web script or HTML via the headline parameter, aka Bug ID CSCud65187, a different vulnerability than CVE-2012-5992.

Vulnerable Systems

Operating System

  • Cisco Wireless Lan Controller Software 7.2.110.0


References

MISC - http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html


Last Updated: 27 May 2016 10:58:31