Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1645

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1645
Last Modified 06 Sep 2011 11:16:18
Published 31 May 2011 04:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1645

Summary

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute arbitrary code, via unspecified vectors, aka Bug ID CSCtn23871.

Vulnerable Systems

Application

  • Cisco Rvs4000 Software 1.3.0.5

  • Cisco Rvs4000 Software 1.3.1.0

  • Cisco Rvs4000 Software 1.3.2.0

  • Cisco Rvs4000 Software 2.0.0.3

  • Cisco Wrvs4400n Software 1.3.0.5

  • Cisco Wrvs4400n Software 1.3.1.0

  • Cisco Wrvs4400n Software 1.3.2.0

  • Cisco Wrvs4400n Software 2.0.0.3


References

SECTRACK - 1025565

BID - 47988

CISCO - 20110525 Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities


Last Updated: 27 May 2016 10:56:23