CVE-2007-1467
Severity Score
3.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1) PreSearch.html y (2) PreSearch.class en Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks y productos relacionados, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), y Wireless Control System (WCS) permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de campos de texto de un formulario de búsqueda.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-03-16 CVE Reserved
- 2007-03-16 CVE Published
- 2024-05-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/24499 | Third Party Advisory | |
| http://securityreason.com/securityalert/2437 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/462932/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/462944/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/22982 | Vdb Entry | |
| http://www.securitytracker.com/id?1017778 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/0973 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33024 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Acs Solution Engine Search vendor "Cisco" for product "Acs Solution Engine" | 4.1 Search vendor "Cisco" for product "Acs Solution Engine" and version "4.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Acs Solution Engine Search vendor "Cisco" for product "Acs Solution Engine" | 4.1 Search vendor "Cisco" for product "Acs Solution Engine" and version "4.1" | windows |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ciscoworks Search vendor "Cisco" for product "Ciscoworks" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ip Communicator Search vendor "Cisco" for product "Ip Communicator" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Meetingplace Search vendor "Cisco" for product "Meetingplace" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Security Device Manager Search vendor "Cisco" for product "Security Device Manager" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Meetingplace Search vendor "Cisco" for product "Unified Meetingplace" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Meetingplace Express Search vendor "Cisco" for product "Unified Meetingplace Express" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Personal Communicator Search vendor "Cisco" for product "Unified Personal Communicator" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Video Advantage Search vendor "Cisco" for product "Unified Video Advantage" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Videoconferencing Search vendor "Cisco" for product "Unified Videoconferencing" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Unified Videoconferencing Manager Search vendor "Cisco" for product "Unified Videoconferencing Manager" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.1 Search vendor "Cisco" for product "Vpn Client" and version "3.5.1" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.1 Search vendor "Cisco" for product "Vpn Client" and version "3.5.1" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2 Search vendor "Cisco" for product "Vpn Client" and version "3.5.2" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2 Search vendor "Cisco" for product "Vpn Client" and version "3.5.2" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2 Search vendor "Cisco" for product "Vpn Client" and version "3.5.2" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2b Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2b Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.2b Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.4 Search vendor "Cisco" for product "Vpn Client" and version "3.5.4" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.4 Search vendor "Cisco" for product "Vpn Client" and version "3.5.4" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.5.4 Search vendor "Cisco" for product "Vpn Client" and version "3.5.4" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6 Search vendor "Cisco" for product "Vpn Client" and version "3.6" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6 Search vendor "Cisco" for product "Vpn Client" and version "3.6" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6 Search vendor "Cisco" for product "Vpn Client" and version "3.6" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6.1 Search vendor "Cisco" for product "Vpn Client" and version "3.6.1" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6.1 Search vendor "Cisco" for product "Vpn Client" and version "3.6.1" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 3.6.1 Search vendor "Cisco" for product "Vpn Client" and version "3.6.1" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 4.0.2a Search vendor "Cisco" for product "Vpn Client" and version "4.0.2a" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 4.0.2a Search vendor "Cisco" for product "Vpn Client" and version "4.0.2a" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 4.0.2c Search vendor "Cisco" for product "Vpn Client" and version "4.0.2c" | mac_os_x |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 4.0.2c Search vendor "Cisco" for product "Vpn Client" and version "4.0.2c" | solaris |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn Client Search vendor "Cisco" for product "Vpn Client" | 4.8.1 Search vendor "Cisco" for product "Vpn Client" and version "4.8.1" | windows |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wan Manager Search vendor "Cisco" for product "Wan Manager" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wireless Lan Controllers Search vendor "Cisco" for product "Wireless Lan Controllers" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wireless Lan Solution Engine Search vendor "Cisco" for product "Wireless Lan Solution Engine" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Call Manager Search vendor "Cisco" for product "Call Manager" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Network Analysis Module Search vendor "Cisco" for product "Network Analysis Module" | * | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wireless Control System Search vendor "Cisco" for product "Wireless Control System" | 4.0 Search vendor "Cisco" for product "Wireless Control System" and version "4.0" | - |
Affected
| ||||||