
Oops...
Published: 20 December 2002 12:40 GMT
By Patrick Gray
A cross-site scripting (XSS) vulnerability has been discovered in the cisco.com website.
Securiteam.com, an online security portal, issued an advisory which said: "The vulnerability would allow attackers to cause users to view third-party malicious JavaScript or HTML code as if it were the legitimate content offered by Cisco."
XSS vulnerabilities are at their most serious when user log-ins are involved. They may in some circumstances make it possible for an attacker to "steal" a user's session information, potentially allowing them to log in as the victim user.
It is not known if Cisco, which does have a client log-in function on its website, is vulnerable to this extent. "Session theft" attack types are not very easy to carry out, and must be directed at the user of the affected site, not the site itself.
The Cisco website log-in function allows users to "...place and manage orders for Cisco networking products and services via the internet", the advisory said.
Logged-in customers can also download versions of Cisco's IOS software not normally available to the public.
XSS vulnerabilities have come into fashion lately, with many security researchers focusing their efforts on detecting and eliminating the security problem.
The recently held hacking competition, OpenHack IV, dished out $500 (£320) to a single entrant, Jeremy Poteet, who found XSS vulnerabilities in the application being tested, which was engineered by Oracle.
Cisco was not immediately available for comment.
Patrick Gray writes for ZDNet Australia
Copyright © 2008 CBS Interactive Limited. All rights reserved.