CVE-2010-2986

{"id": "CVE-2010-2986", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-08-10T12:23:06.270", "references": [{"url": "http://secunia.com/advisories/40827", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/42216", "source": "cve@mitre.org"}, {"url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40827", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/42216", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en webacs/QuickSearchAction.do de la opci\u00f3n de b\u00fasqueda del interfaz web de Cisco Wireless Control System (WCS) anterior a v6.0(194.0) y v7.x anterior a v7.0.164, permite a atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s del par\u00e1metro searchText, tambi\u00e9n conocido como Bug ID CSCtf14288."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F9C754F-C126-4363-A965-49205D92F300", "versionEndIncluding": "6.0.188.0"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:3.2.78.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "357C618B-DF8F-4FB4-9C49-491852677984"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.0.155.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7D1D2FC-0C61-48E0-9BEF-A9770C4BF5E0"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C92C153-0AA1-47C9-B4F0-6823F0B32F97"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.83.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47C0B1E8-1C88-476C-88A1-2BA50BDCA851"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.91.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3800664A-0AA1-46CD-A73D-8D734378DFF6"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.171.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA186C0A-32C3-41F4-AF67-D3CB17DBC88F"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.191.xm:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "437151E2-6368-448C-9313-5D2F8BC02C21"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.35m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "254E4172-E08A-41A6-A6D8-7112CAD318A0"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.xm:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "451A2C64-84A0-4400-A1D4-843BCD10D5FA"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12EA9C01-D568-4A01-A8F8-C194EC026035"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D3B6F52-F023-43F0-A544-65807B52495C"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.81.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FAC9C22-67D4-44E2-BCA4-FF337CFCE300"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.97.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0F1F07C-A281-4262-92CA-C8D26CB658E1"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.110.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D5DEF5A-2E45-478A-A9F7-34C6D1F37F6B"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.128.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44941345-6298-4B0A-B549-480DCD2E6FFA"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.130.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54575431-6C23-4D41-9CA2-768F39714009"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.173.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CC84854-3970-454D-8B05-C0E6A15BFE6B"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.176.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31A29A50-CDEC-4CC1-BFAF-ED4EC38AF650"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.209.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18F6F25-62F5-4069-B1F5-9EB5FAA43225"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA249E97-D24E-4507-8E29-394DA6066EB1"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA3F6111-E9D4-49FD-A2A9-35CB1B9F809E"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.148.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21DF8062-4D11-492E-9F70-8BB327609D6F"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.64.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B4BA5AE-1BB4-406A-AF28-561FB218C391"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.65.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7C02398-E3D8-4180-B07E-258754040D36"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.151.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99056BCC-2B32-4F2F-AE0C-0678A7753887"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.110.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B38484C0-8EB6-4FAE-A22D-3BE0D8602DED"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.125.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "726692A7-0F47-47B9-A04E-B31F0BD73F12"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.130.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BBADB1E-8C44-4854-A3ED-557744C3B393"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.148.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83C38FE7-C60F-476F-9704-22E6C4D6B181"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.157.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EC815C0-276A-44DA-9A2E-453D86923874"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13E52795-7C27-4E3B-ABDC-549AC9728B55"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.132.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8486474-1D58-4165-92A7-AB9079B8A9B8"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.170.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D5A7438-651D-4080-B587-EBAEBA0098F1"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.181.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E09E8ADF-0D0C-493C-B2A8-58DF6F725E45"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.182.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41489DF2-0A3B-4A5D-A296-03BCE07F5220"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09379903-D1CB-424A-BCBC-2FA88FA826FE"}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0.98.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBFC4BDD-CF79-4B1E-B3B6-BF82A74B0ECA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}