CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2011-3310

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile32.17th
Published2011年10月20日
Last Modified2026年4月29日

Vulnerability Description

The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.

Affected Platforms (CPE)

📦
Cisco

Ciscoworks Common Services

<= 4.0.1
📦
Cisco

Ciscoworks Common Services

= 2.2
📦
Cisco

Ciscoworks Common Services

= 3.0.5
📦
Cisco

Ciscoworks Common Services

= 3.0.6
📦
Cisco

Ciscoworks Common Services

= 3.1
📦
Cisco

Ciscoworks Common Services

= 3.1.1
📦
Cisco

Ciscoworks Common Services

= 3.2
📦
Cisco

Ciscoworks Common Services

= 3.3
💻
Microsoft

Windows

All versions

References & Advisories

🔗 http://secunia.com/advisories/46533
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
🔗 http://www.securityfocus.com/bid/50284
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/70759
🔗 http://secunia.com/advisories/46533
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs
🔗 http://www.securityfocus.com/bid/50284
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/70759

相關漏洞威脅

CVE-2009-116110.0

Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, a...

CVE-2010-303610.0

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before ...

CVE-2008-20549.3

Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary cod...

CVE-2011-09666.8

Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 a...