Cisco Catalyst Center Cross-Site Scripting Vulnerability
TL;DR 📌
A cross-site scripting (XSS) vulnerability has been identified in the web-based management interface of Cisco Catalyst Center. This vulnerability could allow an unauthenticated remote attacker to execute arbitrary script code in the context of the affected interface. Cisco has released fixed software to address this issue, but there are no workarounds available.
What happened 🕵️♂️
A vulnerability in the Cisco Catalyst Center’s web-based management interface allows an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. This is due to insufficient validation of user input, enabling an attacker to exploit the vulnerability by persuading a user to click a crafted link. A successful exploit could lead to the execution of arbitrary script code or access to sensitive browser-based information.
Affected products 🖥️
The vulnerability affects all versions of Cisco Catalyst Center, specifically those running versions 2.3.7 and earlier. Cisco Catalyst Center Virtual Appliance is confirmed not to be affected.
Fixed software 🔧
Upgrade to the first fixed release in your train (or later):
| Release / Product | First Fixed Release | Notes |
|---|---|---|
| 2.3.7 and earlier | 2.3.7.10 | |
| 3.1 | Not affected | |
| 1.0 | Initial public release. | |
| Cisco Catalyst Center | 2.3.7.10 | 2.3.7 and earlier |
Workarounds 🧯
There are no workarounds available to mitigate this vulnerability.
Risk in context 🎯
With a CVSS score of 6.1, this vulnerability is rated as Medium severity. The risk arises from the potential for an attacker to exploit the XSS vulnerability without authentication, making it easier for them to target users of the web interface. Immediate action is recommended to upgrade to the fixed software to mitigate this risk.
Fast facts ⚡
- Vulnerability Type: Cross-Site Scripting (XSS)
- CVSS Score: 6.1 (Medium)
- Exploitation Potential: Unauthenticated remote access
- Fixed Software: 2.3.7.10 for affected versions
- Workarounds: None available
For leadership 🧭
This advisory outlines a Medium severity cross-site scripting vulnerability in Cisco Catalyst Center, which could allow unauthenticated remote attackers to execute scripts in the context of the affected interface. The vulnerability is internet-facing and requires user interaction to exploit, posing a risk of data exposure.
Remediation Ask: Upgrade to the fixed software version 2.3.7.10 within 7 days to mitigate the risk.
Operational Impact: A brief maintenance window will be required for the upgrade, with no expected configuration drift.
Now / Next / Later:
- Now: Assess the current version of Cisco Catalyst Center in use.
- Next: Plan and execute the upgrade to version 2.3.7.10.
- Later: Monitor for any further advisories or updates related to this vulnerability.