Lucene search

K

[email protected]CVE-2011-0364

HistoryFeb 19, 2011 - 1:00 a.m.

CVE-2011-0364

2011-02-1901:00:00

CWE-94

[email protected]

web.nvd.nist.gov

27

cve-2011-0364

cisco

security agent

management console

arbitrary code execution

remote attack

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.638 Medium

EPSS

Percentile

97.8%

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

CPENameOperatorVersion
cisco:security_agentcisco security agenteq5.1
cisco:security_agentcisco security agenteq5.2
cisco:security_agentcisco security agenteq6.0

References

secunia.com/advisories/43383

secunia.com/advisories/43393

securityreason.com/securityalert/8095

securityreason.com/securityalert/8197

securityreason.com/securityalert/8205

www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml

www.securityfocus.com/archive/1/516505/100/0/threaded

www.securityfocus.com/bid/46420

www.securitytracker.com/id?1025088

www.vupen.com/english/advisories/2011/0424

www.zerodayinitiative.com/advisories/ZDI-11-088

exchange.xforce.ibmcloud.com/vulnerabilities/65436

7.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.638 Medium

EPSS

Percentile

97.8%

Related for CVE-2011-0364

attackerkb1 saint4 prion1 nessus1 securityvulns2 zdt1 packetstorm1 zdi1 checkpoint_advisories1 exploitpack1 seebug1 cisco1 exploitdb1