Lucene search

PRIOn knowledge basePRION:CVE-2011-0364

HistoryFeb 19, 2011 - 1:00 a.m.

Cross site request forgery (csrf)

2011-02-1901:00:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.638 Medium

EPSS

Percentile

97.8%

JSON

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

CPENameOperatorVersion
security_agenteq5.1
security_agenteq5.2
security_agenteq6.0

Name	Operator	Version
security_agent	eq	5.1
security_agent	eq	5.2
security_agent	eq	6.0

References

secunia.com/advisories/43383

secunia.com/advisories/43393

securityreason.com/securityalert/8095

securityreason.com/securityalert/8197

securityreason.com/securityalert/8205

www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml

www.securityfocus.com/archive/1/516505/100/0/threaded

www.securityfocus.com/bid/46420

www.securitytracker.com/id?1025088

www.vupen.com/english/advisories/2011/0424

www.zerodayinitiative.com/advisories/ZDI-11-088

exchange.xforce.ibmcloud.com/vulnerabilities/65436

8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.638 Medium

EPSS

Percentile

97.8%

JSON

Related for PRION:CVE-2011-0364