Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0363

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-0363
Last Modified 06 Mar 2012 12:00:00
Published 24 Feb 2012 11:21:42
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-0363

Summary

The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID CSCtt46871.

Vulnerable Systems

Application

  • Cisco Small Business Srp520 Series Firmware 1.01.01

  • Cisco Small Business Srp520 Series Firmware 1.01.09

  • Cisco Small Business Srp520 Series Firmware 1.01.11

  • Cisco Small Business Srp520 Series Firmware 1.01.19

  • Cisco Small Business Srp520 Series Firmware 1.01.23

  • Cisco Small Business Srp520 Series Firmware 1.01.24

  • Cisco Small Business Srp520-u Series Firmware 1.1.0

  • Cisco Small Business Srp520-u Series Firmware 1.2.4

  • Cisco Small Business Srp540 Series Firmware 1.02.00.023

  • Cisco Small Business Srp540 Series Firmware 1.02.01


References

CISCO - 20120223 Cisco Small Business SRP 500 Series Multiple Vulnerabilities


Last Updated: 27 May 2016 10:58:20