Vulnerability-Lookup - Search a vulnerability

CVE-2011-2547 (GCVE-0-2011-2547)

Vulnerability from cvelistv5

Published

2011-07-28 22:00

Modified

2024-08-06 23:08

Severity ?

CWE

n/a

Summary

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.

References

►

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CVE-2011-2546 (GCVE-0-2011-2546)

Vulnerability from cvelistv5

Published

2011-07-28 22:00

Modified

2024-08-06 23:08

Severity ?

CWE

n/a

Summary

SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.

References

►

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CVE-2015-6418 (GCVE-0-2015-6418)

Vulnerability from cvelistv5

Published

2015-12-13 02:00

Modified

2024-08-06 07:22

Severity ?

CWE

n/a

Summary

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.

References

►

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Vulnerability from fkie_nvd

Published

2011-07-28 22:55

Modified

2025-04-11 00:51

Severity ?

Summary

SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.

References

URL	Tags
psirt@cisco.com	http://secunia.com/advisories/45355	Vendor Advisory
psirt@cisco.com	http://securitytracker.com/id?1025810
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/48812
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68737
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45355	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025810
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48812
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68737

Impacted products

Vendor	Product	Version
cisco	sa500_software	*
cisco	sa500_software	1.0.14
cisco	sa500_software	1.0.15
cisco	sa500_software	1.0.17
cisco	sa500_software	1.0.39
cisco	sa500_software	1.1.21
cisco	sa500_software	1.1.42
cisco	sa500_software	1.1.65
cisco	sa520	*
cisco	sa520w	*
cisco	sa540	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F34CEB78-9F68-4BF7-BB70-7AF03524CA9D",
              "versionEndIncluding": "2.1.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "988B2905-DE56-417F-BDFC-26C3120F4FE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1DCFEE-D2CA-46EC-B92B-7BC6D84A863F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6969B8E-BA94-4E5C-8864-886EC7DB5568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3EFD6F-BCA3-4578-ACB7-CDA48C66F8A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D0F427-03DB-4B77-AD44-2CF30A3A8468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D1CC976-BE22-4C5B-A877-ED78544C2730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE089465-47D4-48EC-878A-B045E78A6D7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:sa520:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EA22A9-7330-473D-A8F6-625EACF21B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:sa520w:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C7A7463-BCAC-4DD8-920A-2D3134D3B579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:sa540:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F2ED99-EB36-4FB6-8404-BF0DDD2B2AEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL en la interfaz de gesti\u00f3n basada en la web de aplicativos de seguridad Cisco SA 500 con el software anterior a v2.1.19 permite a atacantes remotos ejecutar comandos SQL a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCtq65669."
    }
  ],
  "id": "CVE-2011-2546",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-07-28T22:55:02.093",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45355"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1025810"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/48812"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68737"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-12-13 03:59

Modified

2025-04-12 10:46

Severity ?

Summary

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/78876
psirt@cisco.com	http://www.securitytracker.com/id/1034408
psirt@cisco.com	http://www.securitytracker.com/id/1034409
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/78876
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034408
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034409

Impacted products

Vendor	Product	Version
cisco	sa520	2.2.07
cisco	sa520w	2.2.07
cisco	sa540	2.2.07
cisco	rv016_multi-wan_vpn_firmware	4.0.0.7
cisco	rv016_multi-wan_vpn_firmware	4.0.2.8
cisco	rv016_multi-wan_vpn_firmware	4.0.5.0
cisco	rv042_dual_wan_vpn_router_firmware	4.0.2.8
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.0.0.7
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.2.2.7
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.2.2.8
cisco	rv082_dual_wan_vpn_router_firmware	4.0.0.7
cisco	rv082_dual_wan_vpn_router_firmware	4.0.2.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "5242A08F-0736-4FAC-B015-46BBF1115B08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B17623-8183-4C2C-A1BD-1654200D6AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7D2641C-CCFF-411A-96B4-F8823F4B4BA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8A650F-4509-4632-92D3-72C412A49012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC822B95-469E-4DB8-A1C0-B4AAA3D3644F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "487B2A80-30AD-45F8-A46D-21E04888F3EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D012E7-A12E-44ED-8173-C8B254902886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "303C48D9-1069-486B-8933-F51DFC82EDAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5F4636E-25F8-40E3-909F-CB9B93E290E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB96FF7-13B9-482F-85E7-C1C68287CF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF1CDD04-A345-4982-A055-BBC990873C4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C92A1CD-5AE8-421E-A813-A2738219B673",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
    },
    {
      "lang": "es",
      "value": "El generador de n\u00famero aleatorio en routers Cisco Small Business RV 4.x y dispositivos de seguridad SA500 2.2.07 no tiene suficiente entrop\u00eda, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos determinar un par de claves TLS a trav\u00e9s de computaciones no especificadas sobre datos de intercambio de clave en el apret\u00f3n de manos, tambi\u00e9n conocido como Bug ID CSCus15224."
    }
  ],
  "id": "CVE-2015-6418",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-13T03:59:09.477",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/78876"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034408"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/78876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034409"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-07-28 22:55

Modified

2025-04-11 00:51

Severity ?

Summary

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.

References

URL	Tags
psirt@cisco.com	http://secunia.com/advisories/45355	Vendor Advisory
psirt@cisco.com	http://securitytracker.com/id?1025810
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/48810
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68738
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45355	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025810
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48810
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68738

Impacted products

Vendor	Product	Version
cisco	sa500_software	*
cisco	sa500_software	1.0.14
cisco	sa500_software	1.0.15
cisco	sa500_software	1.0.17
cisco	sa500_software	1.0.39
cisco	sa500_software	1.1.21
cisco	sa500_software	1.1.42
cisco	sa500_software	1.1.65
cisco	sa520	*
cisco	sa520w	*
cisco	sa540	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F34CEB78-9F68-4BF7-BB70-7AF03524CA9D",
              "versionEndIncluding": "2.1.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "988B2905-DE56-417F-BDFC-26C3120F4FE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1DCFEE-D2CA-46EC-B92B-7BC6D84A863F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6969B8E-BA94-4E5C-8864-886EC7DB5568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3EFD6F-BCA3-4578-ACB7-CDA48C66F8A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D0F427-03DB-4B77-AD44-2CF30A3A8468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D1CC976-BE22-4C5B-A877-ED78544C2730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sa500_software:1.1.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE089465-47D4-48EC-878A-B045E78A6D7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:sa520:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EA22A9-7330-473D-A8F6-625EACF21B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:sa520w:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C7A7463-BCAC-4DD8-920A-2D3134D3B579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:sa540:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F2ED99-EB36-4FB6-8404-BF0DDD2B2AEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681."
    },
    {
      "lang": "es",
      "value": "La interfaz de gesti\u00f3n basada en la web aplicativos de seguridad de Cisco SA 500 ??Series con el software anterior a v2.1.19 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros manipulados en formularios web, tambi\u00e9n conocido como Bug ID CSCtq65681."
    }
  ],
  "id": "CVE-2011-2547",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-07-28T22:55:02.140",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45355"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securitytracker.com/id?1025810"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/48810"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/48810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerabilites related to cisco - sa540

CVE-2011-2547 (GCVE-0-2011-2547)

Vulnerability from cvelistv5

CVE-2011-2546 (GCVE-0-2011-2546)

Vulnerability from cvelistv5

CVE-2015-6418 (GCVE-0-2015-6418)

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd