CyberSec.Space Logo
Back to CVE Browser

CVE-2011-0966

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.1680%
EPSS Percentile38.01th
PublishedMay 20, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.

Affected Platforms (CPE)

πŸ“¦
Cisco

Ciscoworks Common Services

<= 3.3
πŸ“¦
Cisco

Ciscoworks Common Services

= 1.0
πŸ“¦
Cisco

Ciscoworks Common Services

= 2.2
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.3
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.4
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.5
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.6
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.1
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.1.1
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html
πŸ”— http://tools.cisco.com/security/center/viewAlert.x?alertId=23089
πŸ”— http://www.exploit-db.com/exploits/17304
πŸ”— http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/67525
πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html
πŸ”— http://tools.cisco.com/security/center/viewAlert.x?alertId=23089
πŸ”— http://www.exploit-db.com/exploits/17304

Related Vulnerabilities

CVE-2009-116110.0

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, a...

CVE-2010-303610.0

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before ...

CVE-2008-20549.3

Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary cod...

CVE-2011-33109.0

The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, ...