// For flags

CVE-2007-1467

 

Severity Score

3.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.

Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1) PreSearch.html y (2) PreSearch.class en Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks y productos relacionados, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), y Wireless Control System (WCS) permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de campos de texto de un formulario de búsqueda.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-03-16 CVE Reserved
  • 2007-03-16 CVE Published
  • 2024-05-11 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Acs Solution Engine
Search vendor "Cisco" for product "Acs Solution Engine"
4.1
Search vendor "Cisco" for product "Acs Solution Engine" and version "4.1"
-
Affected
Cisco
Search vendor "Cisco"
Acs Solution Engine
Search vendor "Cisco" for product "Acs Solution Engine"
4.1
Search vendor "Cisco" for product "Acs Solution Engine" and version "4.1"
windows
Affected
Cisco
Search vendor "Cisco"
Ciscoworks
Search vendor "Cisco" for product "Ciscoworks"
*-
Affected
Cisco
Search vendor "Cisco"
Ip Communicator
Search vendor "Cisco" for product "Ip Communicator"
*-
Affected
Cisco
Search vendor "Cisco"
Meetingplace
Search vendor "Cisco" for product "Meetingplace"
*-
Affected
Cisco
Search vendor "Cisco"
Security Device Manager
Search vendor "Cisco" for product "Security Device Manager"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Meetingplace
Search vendor "Cisco" for product "Unified Meetingplace"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Meetingplace Express
Search vendor "Cisco" for product "Unified Meetingplace Express"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Personal Communicator
Search vendor "Cisco" for product "Unified Personal Communicator"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Video Advantage
Search vendor "Cisco" for product "Unified Video Advantage"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Videoconferencing
Search vendor "Cisco" for product "Unified Videoconferencing"
*-
Affected
Cisco
Search vendor "Cisco"
Unified Videoconferencing Manager
Search vendor "Cisco" for product "Unified Videoconferencing Manager"
*-
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.1
Search vendor "Cisco" for product "Vpn Client" and version "3.5.1"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.1
Search vendor "Cisco" for product "Vpn Client" and version "3.5.1"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2b
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2b
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.2b
Search vendor "Cisco" for product "Vpn Client" and version "3.5.2b"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.4
Search vendor "Cisco" for product "Vpn Client" and version "3.5.4"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.4
Search vendor "Cisco" for product "Vpn Client" and version "3.5.4"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.5.4
Search vendor "Cisco" for product "Vpn Client" and version "3.5.4"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6
Search vendor "Cisco" for product "Vpn Client" and version "3.6"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6
Search vendor "Cisco" for product "Vpn Client" and version "3.6"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6
Search vendor "Cisco" for product "Vpn Client" and version "3.6"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6.1
Search vendor "Cisco" for product "Vpn Client" and version "3.6.1"
linux
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6.1
Search vendor "Cisco" for product "Vpn Client" and version "3.6.1"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
3.6.1
Search vendor "Cisco" for product "Vpn Client" and version "3.6.1"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
4.0.2a
Search vendor "Cisco" for product "Vpn Client" and version "4.0.2a"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
4.0.2a
Search vendor "Cisco" for product "Vpn Client" and version "4.0.2a"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
4.0.2c
Search vendor "Cisco" for product "Vpn Client" and version "4.0.2c"
mac_os_x
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
4.0.2c
Search vendor "Cisco" for product "Vpn Client" and version "4.0.2c"
solaris
Affected
Cisco
Search vendor "Cisco"
Vpn Client
Search vendor "Cisco" for product "Vpn Client"
4.8.1
Search vendor "Cisco" for product "Vpn Client" and version "4.8.1"
windows
Affected
Cisco
Search vendor "Cisco"
Wan Manager
Search vendor "Cisco" for product "Wan Manager"
*-
Affected
Cisco
Search vendor "Cisco"
Wireless Lan Controllers
Search vendor "Cisco" for product "Wireless Lan Controllers"
*-
Affected
Cisco
Search vendor "Cisco"
Wireless Lan Solution Engine
Search vendor "Cisco" for product "Wireless Lan Solution Engine"
*-
Affected
Cisco
Search vendor "Cisco"
Call Manager
Search vendor "Cisco" for product "Call Manager"
*-
Affected
Cisco
Search vendor "Cisco"
Network Analysis Module
Search vendor "Cisco" for product "Network Analysis Module"
*-
Affected
Cisco
Search vendor "Cisco"
Wireless Control System
Search vendor "Cisco" for product "Wireless Control System"
4.0
Search vendor "Cisco" for product "Wireless Control System" and version "4.0"
-
Affected