CVE-2012-6029

Name of the Vulnerable Software and Affected Versions Cisco NAC Appliance versions 4.9.2 and earlier

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters to certain API endpoints, such as /perfigo weblogin.jsp and /perfigo cm validate.jsp. The vulnerable parameters include cm, uri, provider, session, userip, and username.

Recommendations For Cisco NAC Appliance versions 4.9.2 and earlier, consider disabling the web-authentication function until a patch is available. Restrict access to the /perfigo weblogin.jsp and /perfigo cm validate.jsp endpoints to minimize the risk of exploitation. Avoid using the cm, uri, provider, session, userip, and username parameters in the affected API endpoints until the issue is resolved.