Vulnerability Description
The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ciscoworks Common Services | <= 4.0.1 |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/46533
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/50284
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70759
- http://secunia.com/advisories/46533
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/50284
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70759
FAQ
What is CVE-2011-3310?
CVE-2011-3310 is a vulnerability with a CVSS score of 9.0 (HIGH). The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified O...
How severe is CVE-2011-3310?
CVE-2011-3310 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-3310?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ciscoworks Common Services, Microsoft Windows.