Lucene search

[email protected]CVE-2011-3305

HistoryOct 06, 2011 - 10:55 a.m.

CVE-2011-3305

2011-10-0610:55:00

CWE-22

[email protected]

web.nvd.nist.gov

cisco

nac

manager

vulnerability

cve-2011-3305

directory traversal

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.8%

JSON

Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.

CPENameOperatorVersion
cisco:nac_managercisco nac managereq4.8
cisco:nac_managercisco nac managereq4.8\(1\)
cisco:nac_managercisco nac managereq4.8\(2\)

CPE	Name	Operator	Version
cisco:nac_manager	cisco nac manager	eq	4.8
cisco:nac_manager	cisco nac manager	eq	4.8\(1\)
cisco:nac_manager	cisco nac manager	eq	4.8\(2\)

References

osvdb.org/76080

secunia.com/advisories/46309

www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml

www.securityfocus.com/bid/49954

www.securitytracker.com/id?1026142

exchange.xforce.ibmcloud.com/vulnerabilities/70335

6.9 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for CVE-2011-3305

cisco1 prion1 securityvulns2