{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-04T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "42216", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/42216"}, {"tags": ["x_refsource_MISC"], "url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}, {"name": "20100804 Cisco Wireless Control System XSS", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded"}, {"name": "40827", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40827"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2986", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "42216", "refsource": "BID", "url": "http://www.securityfocus.com/bid/42216"}, {"name": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt", "refsource": "MISC", "url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt"}, {"name": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}, {"name": "20100804 Cisco Wireless Control System XSS", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded"}, {"name": "40827", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40827"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2986", "datePublished": "2010-08-09T20:00:00", "dateReserved": "2010-08-09T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F9C754F-C126-4363-A965-49205D92F300", "versionEndIncluding": "6.0.188.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:3.2.78.0:*:*:*:*:*:*:*", "matchCriteriaId": "357C618B-DF8F-4FB4-9C49-491852677984", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.0.155.5:*:*:*:*:*:*:*", "matchCriteriaId": "F7D1D2FC-0C61-48E0-9BEF-A9770C4BF5E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C92C153-0AA1-47C9-B4F0-6823F0B32F97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.83.0:*:*:*:*:*:*:*", "matchCriteriaId": "47C0B1E8-1C88-476C-88A1-2BA50BDCA851", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.91.0:*:*:*:*:*:*:*", "matchCriteriaId": "3800664A-0AA1-46CD-A73D-8D734378DFF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.171.0:*:*:*:*:*:*:*", "matchCriteriaId": "DA186C0A-32C3-41F4-AF67-D3CB17DBC88F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.191.xm:*:*:*:*:*:*:*", "matchCriteriaId": "437151E2-6368-448C-9313-5D2F8BC02C21", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.35m:*:*:*:*:*:*:*", "matchCriteriaId": "254E4172-E08A-41A6-A6D8-7112CAD318A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.1.192.xm:*:*:*:*:*:*:*", "matchCriteriaId": "451A2C64-84A0-4400-A1D4-843BCD10D5FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.0:*:*:*:*:*:*:*", "matchCriteriaId": "12EA9C01-D568-4A01-A8F8-C194EC026035", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.62.11:*:*:*:*:*:*:*", "matchCriteriaId": "2D3B6F52-F023-43F0-A544-65807B52495C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.81.0:*:*:*:*:*:*:*", "matchCriteriaId": "5FAC9C22-67D4-44E2-BCA4-FF337CFCE300", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.97.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0F1F07C-A281-4262-92CA-C8D26CB658E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.110.0:*:*:*:*:*:*:*", "matchCriteriaId": "2D5DEF5A-2E45-478A-A9F7-34C6D1F37F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.128.0:*:*:*:*:*:*:*", "matchCriteriaId": "44941345-6298-4B0A-B549-480DCD2E6FFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.130.0:*:*:*:*:*:*:*", "matchCriteriaId": "54575431-6C23-4D41-9CA2-768F39714009", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.173.0:*:*:*:*:*:*:*", "matchCriteriaId": "0CC84854-3970-454D-8B05-C0E6A15BFE6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.176.0:*:*:*:*:*:*:*", "matchCriteriaId": "31A29A50-CDEC-4CC1-BFAF-ED4EC38AF650", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:4.2.209.0:*:*:*:*:*:*:*", "matchCriteriaId": "A18F6F25-62F5-4069-B1F5-9EB5FAA43225", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.0:*:*:*:*:*:*:*", "matchCriteriaId": "BA249E97-D24E-4507-8E29-394DA6066EB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.56.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA3F6111-E9D4-49FD-A2A9-35CB1B9F809E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.0.148.0:*:*:*:*:*:*:*", "matchCriteriaId": "21DF8062-4D11-492E-9F70-8BB327609D6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.64.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B4BA5AE-1BB4-406A-AF28-561FB218C391", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.65.4:*:*:*:*:*:*:*", "matchCriteriaId": "D7C02398-E3D8-4180-B07E-258754040D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.1.151.0:*:*:*:*:*:*:*", "matchCriteriaId": "99056BCC-2B32-4F2F-AE0C-0678A7753887", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.110.0:*:*:*:*:*:*:*", "matchCriteriaId": "B38484C0-8EB6-4FAE-A22D-3BE0D8602DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.125.0:*:*:*:*:*:*:*", "matchCriteriaId": "726692A7-0F47-47B9-A04E-B31F0BD73F12", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.130.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BBADB1E-8C44-4854-A3ED-557744C3B393", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.148.0:*:*:*:*:*:*:*", "matchCriteriaId": "83C38FE7-C60F-476F-9704-22E6C4D6B181", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:5.2.157.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EC815C0-276A-44DA-9A2E-453D86923874", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "13E52795-7C27-4E3B-ABDC-549AC9728B55", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.132.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8486474-1D58-4165-92A7-AB9079B8A9B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.170.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D5A7438-651D-4080-B587-EBAEBA0098F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.181.0:*:*:*:*:*:*:*", "matchCriteriaId": "E09E8ADF-0D0C-493C-B2A8-58DF6F725E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:6.0.182.0:*:*:*:*:*:*:*", "matchCriteriaId": "41489DF2-0A3B-4A5D-A296-03BCE07F5220", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "09379903-D1CB-424A-BCBC-2FA88FA826FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wireless_control_system_software:7.0.98.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBFC4BDD-CF79-4B1E-B3B6-BF82A74B0ECA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en webacs/QuickSearchAction.do de la opci\u00f3n de b\u00fasqueda del interfaz web de Cisco Wireless Control System (WCS) anterior a v6.0(194.0) y v7.x anterior a v7.0.164, permite a atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s del par\u00e1metro searchText, tambi\u00e9n conocido como Bug ID CSCtf14288."}], "id": "CVE-2010-2986", "lastModified": "2018-10-10T20:00:40.437", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-08-10T12:23:06.270", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40827"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/512878/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/42216"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}