Lucene search

[email protected]CVE-2010-3040

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3040

2022-10-0316:20:56

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-3040

buffer overflow

agent.exe

cisco

icm

remote code execution

security vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.192 Low

EPSS

Percentile

96.3%

JSON

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164.

Affected configurations

NVD

Node

ciscointelligent_contact_managerRange≤6.0\(0\)a\(1\)

ciscointelligent_contact_managerMatch5.0

ciscointelligent_contact_managerMatch5.0\(0\)

ciscointelligent_contact_managerMatch5.0\(0\)_sr2

ciscointelligent_contact_managerMatch5.0\(0\)_sr3

ciscointelligent_contact_managerMatch5.0\(0\)_sr4

ciscointelligent_contact_managerMatch5.0\(0\)_sr5

ciscointelligent_contact_managerMatch5.0\(0\)_sr7

ciscointelligent_contact_managerMatch5.0\(0\)_sr8

ciscointelligent_contact_managerMatch5.0\(0\)_sr9

ciscointelligent_contact_managerMatch5.0\(0\)_sr10

ciscointelligent_contact_managerMatch5.0\(0\)_sr11

ciscointelligent_contact_managerMatch5.0\(0\)_sr12

ciscointelligent_contact_managerMatch5.0\(0\)_sr13

ciscointelligent_contact_managerMatch5.0\(0\)a

ciscointelligent_contact_managerMatch6.0\(0\)

ciscointelligent_contact_managerMatch6.0\(0\)_sr1

ciscointelligent_contact_managerMatch6.0\(0\)_sr2

ciscointelligent_contact_managerMatch6.0\(0\)_sr3

ciscointelligent_contact_managerMatch6.0\(0\)_sr4

ciscointelligent_contact_managerMatch6.0\(0\)_sr5

ciscointelligent_contact_managerMatch6.0\(0\)_sr6

ciscointelligent_contact_managerMatch6.0\(0\)_sr7

ciscointelligent_contact_managerMatch6.0\(0\)_sr8

ciscointelligent_contact_managerMatch6.0\(0\)_sr9

ciscointelligent_contact_managerMatch6.0\(0\)_sr10

ciscointelligent_contact_managerMatch6.0\(0\)a

CPENameOperatorVersion
cisco:intelligent_contact_managercisco intelligent contact managerle6.0\(0\)a\(1\)
cisco:intelligent_contact_managercisco intelligent contact managereq5.0
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr2
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr3
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr4
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr5
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr7
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr8
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr9

CPE	Name	Operator	Version
cisco:intelligent_contact_manager	cisco intelligent contact manager	le	6.0\(0\)a\(1\)
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr2
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr3
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr4
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr5
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr7
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr8
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr9