Unrated severity · NVD Advisory · Published Jun 20, 2022 · Updated Aug 3, 2024

CVE-2022-31734

Description

Reflected XSS in error page generation on Cisco Catalyst 2940 Series Switches (firmware prior to 12.2(50)SY) allows arbitrary script execution in the user's browser.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Cisco Catalyst 2940 Series Switches with firmware versions prior to 12.2(50)SY contain a reflected cross-site scripting (XSS) vulnerability in error page generation. The product improperly processes user input when generating error messages, leading to CWE-79 [1].

Exploitation

An attacker can craft a malicious URL containing JavaScript and convince an authenticated user with network access to the switch's web interface to click the link. The crafted input is reflected in the error page, executing the script in the user's browser. No authentication is required for the attacker, but user interaction is necessary [1].

Impact

Successful exploitation allows the attacker to execute arbitrary script in the victim's browser, potentially leading to information disclosure or session hijacking. The CVSS v3 score is 4.6 (Medium) with vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N [1].

Mitigation

Cisco Catalyst 2940 Series Switches have been end-of-support since January 2015, and no firmware updates will be released. Users are strongly advised to stop using the affected products and migrate to alternative supported switches [1][2].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

2
