Guest

Preview Tool

Cisco Bug: CSCtb38467 - DOM based XSS vulnerabilty in Cisco Router and Security Device Manager

Last Modified

Feb 07, 2017

Products (1)

Known Affected Releases

4.1(0)

Description (partial)

Symptom:
 DOM based XSS vulnerability in Cisco Router and Security Device Manager (SDM)
  
 Conditions:
 Affects all versions of SDM installed on a PC or PC and Router.
 
 Authentication is not required for this XSS to be exploited if the router is
not configured for
 authentication.
 
 If authentication is configured for user sessions, authentication will be
required before the XSS can be
 exploited.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.