fkie_nvd - fkie_cve-2006-3073

fkie_cve-2006-3073

Vulnerability from fkie_nvd

Published

2006-06-19 10:02

Modified

2025-04-03 01:03

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20644	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016252	Exploit
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sr-20060613-webvpn-xss.shtml
cve@mitre.org	http://www.osvdb.org/26453
cve@mitre.org	http://www.osvdb.org/26454
cve@mitre.org	http://www.securityfocus.com/archive/1/436479/30/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18419
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2331
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27086
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20644	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016252	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sr-20060613-webvpn-xss.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/26453
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/26454
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/436479/30/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18419
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2331
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27086

Impacted products

Vendor	Product	Version
cisco	asa_5500	7.0
cisco	asa_5500	7.0\(4\)
cisco	asa_5500	7.0.4.3
cisco	vpn_3000_concentrator_series_software	2.0
cisco	vpn_3000_concentrator_series_software	2.5.2.a
cisco	vpn_3000_concentrator_series_software	2.5.2.b
cisco	vpn_3000_concentrator_series_software	2.5.2.c
cisco	vpn_3000_concentrator_series_software	2.5.2.d
cisco	vpn_3000_concentrator_series_software	2.5.2.f
cisco	vpn_3000_concentrator_series_software	3.0
cisco	vpn_3000_concentrator_series_software	3.0.3.a
cisco	vpn_3000_concentrator_series_software	3.0.3.b
cisco	vpn_3000_concentrator_series_software	3.0.4
cisco	vpn_3000_concentrator_series_software	3.1
cisco	vpn_3000_concentrator_series_software	3.1\(rel\)
cisco	vpn_3000_concentrator_series_software	3.1.1
cisco	vpn_3000_concentrator_series_software	3.1.2
cisco	vpn_3000_concentrator_series_software	3.1.4
cisco	vpn_3000_concentrator_series_software	3.5\(rel\)
cisco	vpn_3000_concentrator_series_software	3.5.1
cisco	vpn_3000_concentrator_series_software	3.5.2
cisco	vpn_3000_concentrator_series_software	3.5.3
cisco	vpn_3000_concentrator_series_software	3.5.4
cisco	vpn_3000_concentrator_series_software	3.5.5
cisco	vpn_3000_concentrator_series_software	3.6
cisco	vpn_3000_concentrator_series_software	3.6.1
cisco	vpn_3000_concentrator_series_software	3.6.7
cisco	vpn_3000_concentrator_series_software	3.6.7d
cisco	vpn_3000_concentrator_series_software	4.0
cisco	vpn_3000_concentrator_series_software	4.0.1
cisco	vpn_3000_concentrator_series_software	4.0.5.b
cisco	vpn_3000_concentrator_series_software	4.1
cisco	vpn_3000_concentrator_series_software	4.1.5.b
cisco	vpn_3000_concentrator_series_software	4.1.7.a
cisco	vpn_3000_concentrator_series_software	4.1.7.b
cisco	vpn_3000_concentrator_series_software	4.7
cisco	vpn_3000_concentrator_series_software	4.7.1
cisco	vpn_3000_concentrator_series_software	4.7.1.f

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "891B8FA4-B602-42C5-A94F-8C60BBF7A7D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "083B3C00-AE54-48D7-A11B-E5BFE5607CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "635851C6-E383-415A-9123-270E205E0762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35B6FA9-E504-4CE3-B171-815291A812CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D03F5D3F-6FB1-4A25-B544-D3C973F35DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that \"WebVPN full-network-access mode\" is not affected, despite the claims by the original researcher."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en WebVPN en la serie Cisco VPN 3000 y concentradores Cisco ASA 5500 Series Adaptive Security Appliances (ASA), cuando se encuentra en el modo de WebVPN sin cliente, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro domain en (1) dnserror.html y (2) connecterror.html, tambi\u00e9n conocido como bugid CSCsd81095 (VPN3k) y CSCse48193 (ASA). NOTA: El fabricante indica que \"WebVPN full-network-access mode\" no se ve afectada, a pesar de las alegaciones formuladas por el investigador original."
    }
  ],
  "id": "CVE-2006-3073",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-06-19T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20644"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://securitytracker.com/id?1016252"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060613-webvpn-xss.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/26453"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/26454"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/436479/30/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18419"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2331"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://securitytracker.com/id?1016252"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060613-webvpn-xss.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/26453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/26454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/436479/30/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27086"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2006-3073 (GCVE-0-2006-3073)

Vulnerability from cvelistv5

Published

2006-06-19 10:00