CVE-2011-3310

The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_services:3.3:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:30

Type Values Removed Values Added
References () http://secunia.com/advisories/46533 - () http://secunia.com/advisories/46533 -
References () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs - Vendor Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs - Vendor Advisory
References () http://www.securityfocus.com/bid/50284 - () http://www.securityfocus.com/bid/50284 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/70759 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/70759 -

Information

Published : 2011-10-20 00:55

Updated : 2024-11-21 01:30


NVD link : CVE-2011-3310

Mitre link : CVE-2011-3310

CVE.ORG link : CVE-2011-3310


JSON object : View

Products Affected

cisco

  • ciscoworks_common_services

microsoft

  • windows
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')