Vulnerability Description
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Security Agent | 5.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/43383Vendor Advisory
- http://secunia.com/advisories/43393Vendor Advisory
- http://securityreason.com/securityalert/8095
- http://securityreason.com/securityalert/8197
- http://securityreason.com/securityalert/8205
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.sVendor Advisory
- http://www.securityfocus.com/archive/1/516505/100/0/threaded
- http://www.securityfocus.com/bid/46420
- http://www.securitytracker.com/id?1025088
- http://www.vupen.com/english/advisories/2011/0424Vendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-11-088
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65436
- http://secunia.com/advisories/43383Vendor Advisory
- http://secunia.com/advisories/43393Vendor Advisory
- http://securityreason.com/securityalert/8095
FAQ
What is CVE-2011-0364?
CVE-2011-0364 is a vulnerability with a CVSS score of 10.0 (HIGH). The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters...
How severe is CVE-2011-0364?
CVE-2011-0364 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0364?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Security Agent.