Vulnslist


Cisco Prime Infrastructure Rogue AP SSID Cross-Site Scripting Vulnerability

Cisco-SA-20130531-CVE-2013-1247 · Medium · Published · Updated

A vulnerability in the wireless configuration module of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to insert scripts into the listing of rogue access points. The vulnerability is due to a failure to properly sanitize SSIDs before inserting them into the XML windowing table used to display the list of rogue access points. An attacker could exploit this vulnerability by using a script as the SSID of a rogue access point. A successful exploit could allow the attacker to execute scripts in the browser of a user viewing the malicious SSID.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available. To exploit this vulnerability, the attacker would likely need access to a trusted, internal network in order to use a malicious script as the SSID of a rogue access point, or would need to know whether rogue access points exist in the network. Customers are advised to review the bug reports in the "Vendor Announcements" section for a current list of affected versions.
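The root cause described above is missing output encoding of an untrusted, attacker-chosen field. The following is an added example, not Cisco's code or part of the advisory: it renders a rogue-AP table row with and without context-appropriate XML encoding. The row layout, function names and sample values are assumptions made for illustration.

```python
# Added illustration, not Cisco code. All function and field names are hypothetical.
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

MAX_SSID_LEN = 32  # IEEE 802.11 limits an SSID to 32 octets of arbitrary bytes


def ssid_to_text(raw: bytes) -> str:
    """Turn untrusted SSID octets into printable text before any encoding."""
    if len(raw) > MAX_SSID_LEN:
        raise ValueError("SSID longer than 32 octets")
    text = raw.decode("utf-8", errors="replace")
    # Control and other non-printable characters become U+FFFD.
    return "".join(ch if ch.isprintable() else "\ufffd" for ch in text)


def row_unsafe(ssid: bytes, mac: str) -> str:
    """Flawed pattern: the SSID is concatenated into the markup as-is."""
    return '<row mac="%s"><cell>%s</cell></row>' % (mac, ssid.decode("latin-1"))


def row_safe(ssid: bytes, mac: str) -> str:
    """Hardened pattern: encode for the XML context at the point of output."""
    return "<row mac=%s><cell>%s</cell></row>" % (
        quoteattr(mac), escape(ssid_to_text(ssid)))


def parse_cell(row_xml: str):
    """Return (text, child element tags) of the <cell> as a parser sees it."""
    cell = ET.fromstring(row_xml).find("cell")
    return cell.text, [el.tag for el in cell.iter() if el is not cell]


if __name__ == "__main__":
    mac = "00:11:22:33:44:55"                    # constructed sample value
    for ssid in (b"CorpGuest", b"<script>x</script>", b"a&b\x00\xff"):  # constructed
        print("safe  ", parse_cell(row_safe(ssid, mac)))
    # Unsafe rendering turns the SSID into live markup inside the table cell.
    print("unsafe", parse_cell(row_unsafe(b"<script>x</script>", mac)))
```

With the unescaped row, the parser sees a child element inside the cell; with the encoded row, the same SSID arrives as inert text.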

Workarounds

Administrators are advised to contact the vendor regarding future updates and releases.

Administrators are advised to allow only trusted users to have network access.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin "Understanding Cross-Site Scripting (XSS) Threat Vectors": http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html

Administrators are advised to monitor affected systems.

CVEs: CVE-2013-1247
Cisco Bug IDs: CSCuf04356
CVSS Score: Base 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:U/RC:C)
Product Names From Source: Cisco Prime Infrastructure

CSAF Product Statuses

Product | Status | Source | CVE | Rows
Cisco Prime Infrastructure | known_affected | cisco_csaf | CVE-2013-1247 | 1

Related Products

Product | CVE | Evidence
Cisco Prime Infrastructure | CVE-2013-1247 | Cisco OpenVuln