Cisco.Secure.ACS.LoginProxy.CGI.XSS
Description
This indicates an attack attempt to exploit a Cross Site Scripting vulnerability in Cisco Secure ACS.
The vulnerability is a result of the application's failure to sanitize user supplied input. As a result, a remote attacker can execute arbitrary script code within the context of the application.
Affected Products
Cisco Secure ACS for Unix 2.3 and earlier versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's website for suggested workaround.
http://www.cisco.com/en/US/products/sw/voicesw/ps4625/index.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |