CVE-2010-0594
Description
Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco Router and Security Device Manager (SDM) contains a cross-site scripting vulnerability that allows remote attackers to inject arbitrary script via unknown vectors.
Vulnerability
Cisco Router and Security Device Manager (SDM), a web-based device management tool for Cisco routers, contains a cross-site scripting (XSS) vulnerability. The vulnerability exists in an unspecified component of SDM and is triggered through unknown vectors. Cisco tracks the issue as Bug ID CSCtb38467. The affected product is Cisco Router and Security Device Manager (SDM), as described in the vendor advisories [1][2].
Exploitation
An attacker can exploit this vulnerability remotely without authentication by crafting a malicious request that injects arbitrary web script or HTML into the SDM interface [1]. The attack requires user interaction, as the victim must browse to the SDM administration page and view the injected content [2].
Impact
Successful exploitation allows an attacker to execute arbitrary script in the user's web browser within the context of the SDM application [1][2]. This can lead to unauthorized actions, such as accessing session tokens or manipulating settings, potentially resulting in partial integrity compromise. Confidentiality and availability are not directly affected according to CVSS v2 scoring [1].
Mitigation
Cisco recommends updating SDM to the latest version, according to vendor-provided information [1][2]. The available references do not disclose a specific fixed version number. The vendor has not published further workaround details, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:cisco:router_and_security_device_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:router_and_security_device_manager:2.5:*:*:*:*:*:*:*
- (no CPE)
Patches
No patches discovered yet.
References
News mentions
No linked articles in our index yet.