CVE-2011-0966

2011-05-2022:55:03

CWE-22

[email protected]

web.nvd.nist.gov

cve-2011-0966

directory traversal

ciscoworks

common services

vulnerability

security

cisco

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.082 Low

EPSS

Percentile

94.4%

JSON

Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter, aka Bug ID CSCto35577.

Affected configurations

NVD

Node

ciscociscoworks_common_servicesRange≤3.3

ciscociscoworks_common_servicesMatch1.0

ciscociscoworks_common_servicesMatch2.2

ciscociscoworks_common_servicesMatch3.0

ciscociscoworks_common_servicesMatch3.0.3

ciscociscoworks_common_servicesMatch3.0.4

ciscociscoworks_common_servicesMatch3.0.5

ciscociscoworks_common_servicesMatch3.0.6

ciscociscoworks_common_servicesMatch3.1

ciscociscoworks_common_servicesMatch3.1.1

ciscociscoworks_common_servicesMatch3.2

CPENameOperatorVersion
cisco:ciscoworks_common_servicescisco ciscoworks common servicesle3.3
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq1.0
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq2.2
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.3
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.4
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.5
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.0.6
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.1
cisco:ciscoworks_common_servicescisco ciscoworks common serviceseq3.1.1

CPE	Name	Operator	Version
cisco:ciscoworks_common_services	cisco ciscoworks common services	le	3.3
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	1.0
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	2.2
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.3
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.4
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.5
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.0.6
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.1
cisco:ciscoworks_common_services	cisco ciscoworks common services	eq	3.1.1