AV:R/AC:H/Au:NR/C:N/I:P/A:N/B:N/E:U/RL:O/RC:C
-
Cisco Unified MeetingPlace versions prior to 5.3.235.0 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks.
This vulnerability exists due to insufficient filtering of parameters by Cisco Unified MeetingPlace. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to follow a malicious link. When followed, the link could trigger the execution of arbitrary script code or HTML within a user's browser session in the security context of the Cisco Unified MeetingPlace site.
Cisco confirmed this vulnerability in a security response and released updated software.
To exploit this vulnerability, an attacker must convince a user to follow a malicious URL, likely provided within an e-mail message. Prior to an exploit, the user must have a valid, logged-in session to the affected application or log in as part of an exploit attempt. As a result of successful exploitation, the attacker could execute arbitrary script code in the user's browser session within the Cisco Unified MeetingPlace application. An exploit could allow the attacker to gain access to sensitive browser-based information or possibly take actions on the affected site as the user.
Software versions 5.3.333.0 and later have been corrected to return a properly formatted XML message.
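The fix the advisory describes, returning a properly formatted XML message in which a request parameter appears only as escaped character data rather than as markup, shown as an added Python example that is not Cisco's code; the element names, response layout and sample parameter values below are constructed for illustration.

```python
# Added example, not Cisco's code: a reflected parameter in an XML response,
# naive versus escaped. Element names and sample values are constructed.
from xml.sax.saxutils import escape
import xml.etree.ElementTree as ET

# Constructed sample parameter values (not taken from the advisory).
MARKUP_PARAM = '<script>alert(1)</script>'   # markup smuggled via a link parameter
MALFORMING_PARAM = 'Q3 & review <b>'         # bare '&' and stray tag break XML


def build_response_unfiltered(value: str) -> str:
    """Insufficient filtering: the parameter is pasted into the XML body as-is."""
    return f'<response><message>{value}</message></response>'


def build_response_escaped(value: str) -> str:
    """Hardened: escape '<', '>' and '&' so the value is only ever character data."""
    return f'<response><message>{escape(value)}</message></response>'


def is_well_formed(xml_text: str) -> bool:
    """True if the response parses as XML at all."""
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False


def reflected_as_markup(xml_text: str, tag: str = 'script') -> bool:
    """True if the parser sees an element named `tag`, i.e. the input became markup."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False
    return root.find(f'.//{tag}') is not None


def message_text(xml_text: str) -> str:
    """Character data of <message> as a consumer's parser would deliver it."""
    return ET.fromstring(xml_text).findtext('message') or ''
```

With the escaped builder the original parameter string survives the round trip as text, while the naive builder either lets it become an element or produces a document that does not parse.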
-
Cisco has released a security response to address Cisco Bug ID CSCsi33940 at the following link: cisco-sr-20070808-mp
-
Administrators are advised to apply the available software updates.
Users are advised not to visit untrusted websites.
Users are advised not to open e-mail from untrusted sources.
Users are advised not to follow unsolicited links. Users should verify the authenticity of an unexpected link from a trusted source prior to following it.
For additional information on cross-site scripting attacks and methods, users are advised to reference the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting Threat Vectors.
-
Cisco customers with active contracts can obtain updates through the Software Center at the following link: Cisco. Cisco customers without contracts can obtain upgrades by contacting the Cisco Technical Assistance Center at 1-800-553-2447 or 1-408-526-7209 or via e-mail at tac@cisco.com.
-
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
Version  Description      Section  Status  Date
1.0      Initial Release  NA       Final   2007-Aug-08
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.