Computer Security Incident Response Team of Mauritius (CERT-MU)

Cisco Context Multiple Vulnerabilities
 
Date: 10.01.14
 
Severity Rating: Medium
 
Overview:
 
Multiple vulnerabilities have been identified in Cisco Context and they can be exploited to bypass security restrictions, conduct cross-site scripting attacks and conduct other attacks. Cisco has issued an update to address these vulnerabilities.
 
Description:
 
Multiple vulnerabilities have been identified in Cisco Context and they can be exploited to affect the integrity of the user’s access, conduct cross-site scripting attacks and conduct other attacks. The vulnerabilities identified are as follows:
1. The first vulnerability exists because the software does not properly filter HTML code from user-supplied input before displaying it, and remote attackers can exploit this to conduct cross-site scripting attacks. An attacker can create a specially crafted URL that, when loaded by the user, causes arbitrary scripting code to execute in the user's browser. The code will originate from the site running the Cisco Context Directory Agent software and will run in the security context of that site. This allows the code to access the user's cookies, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
2. The second vulnerability exists due to insufficient authorization enforcement; remote attackers could exploit it by accessing an active session to perform administrative actions.
3. Another vulnerability exists because of insufficient validation of RADIUS accounting messages. Remote attackers can exploit this by replaying crafted RADIUS accounting messages to affect the contents of the CDA cache.
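
A receiver-side check for the third issue, as an added example (not from this advisory and not Cisco's fix): it verifies the RFC 2866 Request Authenticator and drops stale or already-seen Accounting-Requests before they can update a cache. The names `AccountingValidator`, `build_request` and `parse_attrs` and the 30-second freshness window are assumptions.

```python
# Added example: hypothetical names, generic RADIUS hardening, not Cisco CDA code.
import hashlib
import hmac
import struct

ACCOUNTING_REQUEST = 4  # RADIUS packet code (RFC 2866)
EVENT_TIMESTAMP = 55    # attribute type (RFC 2869), 4-byte seconds since epoch


def build_request(ident, attrs, secret):
    """Build an Accounting-Request; used only to construct sample input."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    head = struct.pack("!BBH", ACCOUNTING_REQUEST, ident, 20 + len(body))
    auth = hashlib.md5(head + bytes(16) + body + secret).digest()
    return head + auth + body


def parse_attrs(data):
    """Parse type-length-value attributes; return None if malformed."""
    attrs, i = {}, 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            return None
        attrs[data[i]] = data[i + 2:i + data[i + 1]]
        i += data[i + 1]
    return attrs


class AccountingValidator:
    def __init__(self, secret, max_skew=30):
        self.secret, self.max_skew, self.seen = secret, max_skew, set()

    def check(self, packet, now):
        """Return 'accept' or the reason the packet must be dropped."""
        if (len(packet) < 20 or packet[0] != ACCOUNTING_REQUEST
                or struct.unpack("!H", packet[2:4])[0] != len(packet)):
            return "malformed"
        expected = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + self.secret).digest()
        if not hmac.compare_digest(expected, packet[4:20]):
            return "bad-authenticator"
        attrs = parse_attrs(packet[20:])
        if attrs is None:
            return "malformed"
        ts = attrs.get(EVENT_TIMESTAMP, b"")  # missing timestamp counts as stale
        if len(ts) != 4 or abs(now - struct.unpack("!I", ts)[0]) > self.max_skew:
            return "stale"
        if packet[4:20] in self.seen:  # same bytes already processed in the window
            return "replay"
        self.seen.add(packet[4:20])
        return "accept"
```

The `seen` set is never pruned here; a long-running receiver would expire entries older than the freshness window.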
 
Cisco has issued an update to address the vulnerabilities.
 
Affected Systems:
· Cisco Context Directory Agent
 
CVE Information
 
 
Solution
 
Users are advised to apply updates.
 
More information about the update is available on:
 
 
References
 
Security Tracker
 
 
Cisco Security Tools
 
 
Disclaimer
 
The information provided herein is on "as is" basis, without warranty of any kind.
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
9th Floor, Stratton Court
La Poudriere Street
Port Louis