CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3310

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile32.17th
PublishedOct 20, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.

Affected Platforms (CPE)

πŸ“¦
Cisco

Ciscoworks Common Services

<= 4.0.1
πŸ“¦
Cisco

Ciscoworks Common Services

= 2.2
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.5
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.0.6
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.1
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.1.1
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.2
πŸ“¦
Cisco

Ciscoworks Common Services

= 3.3
πŸ’»
Microsoft

Windows

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/46533
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
πŸ”— http://www.securityfocus.com/bid/50284
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/70759
πŸ”— http://secunia.com/advisories/46533
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
πŸ”— http://www.securityfocus.com/bid/50284
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/70759

Related Vulnerabilities

CVE-2009-116110.0

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, a...

CVE-2010-303610.0

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before ...

CVE-2008-20549.3

Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary cod...

CVE-2011-09666.8

Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 a...