Vulnerability Description
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Service Monitor | <= 8.5 |
| Cisco | Ciscoworks Lan Management Solution | 3.0 |
| Cisco | Unified Operations Manager | <= 8.5 |
| Emc | Ionix Acm | <= 2.3 |
| Emc | Ionix Asam | <= 3.2.0.2 |
| Emc | Ionix Ip | <= 8.1.1.1 |
References
- http://secunia.com/advisories/45979Vendor Advisory
- http://secunia.com/advisories/46016Vendor Advisory
- http://secunia.com/advisories/46052Vendor Advisory
- http://secunia.com/advisories/46053Vendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.sVendor Advisory
- http://www.osvdb.org/75442
- http://www.securityfocus.com/archive/1/519646/100/0/threaded
- http://www.securityfocus.com/bid/49627
- http://www.securityfocus.com/bid/49644
- http://www.securitytracker.com/id?1026046
- http://www.securitytracker.com/id?1026047
- http://www.securitytracker.com/id?1026048
- http://www.securitytracker.com/id?1026059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69828
FAQ
What is CVE-2011-2738?
CVE-2011-2738 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and mu...
How severe is CVE-2011-2738?
CVE-2011-2738 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2738?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Service Monitor, Cisco Ciscoworks Lan Management Solution, Cisco Unified Operations Manager, Emc Ionix Acm, Emc Ionix Asam.