This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The network management framework on the remote web server has an HTTP
response splitting vulnerability.
The version of CiscoWorks Common Services on the remote host has an
HTTP response splitting vulnerability. Common Services is a framework
included with several Cisco products. Input to the 'URL' parameter of
Autologin.jsp is not properly sanitized.
A remote attacker could exploit this by tricking a user into making a
malicious request, resulting in the injection of HTTP headers,
modification of the HTTP response body, or splitting the HTTP response
into multiple responses.
See also :
Refer to the referenced Cisco Bug IDs for more information.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true