Lucene search

K

[email protected]NVD:CVE-2011-0960

HistoryMay 20, 2011 - 10:55 p.m.

CVE-2011-0960

2011-05-2022:55:02

CWE-89

[email protected]

web.nvd.nist.gov

2

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation.do or (2) the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716.

Affected configurations

NVD

Node

ciscounified_operations_managerRange≤8.5

OR

ciscounified_operations_managerMatch1.1

OR

ciscounified_operations_managerMatch2.0

OR

ciscounified_operations_managerMatch2.0.1

OR

ciscounified_operations_managerMatch2.0.2

OR

ciscounified_operations_managerMatch2.0.3

OR

ciscounified_operations_managerMatch2.1

OR

ciscounified_operations_managerMatch2.2

OR

ciscounified_operations_managerMatch2.3

OR

ciscounified_operations_managerMatch8.0

References

archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html

tools.cisco.com/security/center/viewAlert.x?alertId=23086

www.exploit-db.com/exploits/17304

www.securityfocus.com/bid/47898

www.senseofsecurity.com.au/advisories/SOS-11-006.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/67522

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

Related for NVD:CVE-2011-0960

prion1 cvelist1 cve1 securityvulns2 packetstorm1 exploitpack1 seebug1 nessus1 exploitdb1