Lucene search

[email protected]NVD:CVE-2011-1646

HistoryMay 31, 2011 - 8:55 p.m.

CVE-2011-1646

2011-05-3120:55:02

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

61.2%

JSON

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote authenticated users to execute arbitrary commands via the (1) ping test parameter or (2) traceroute test parameter, aka Bug ID CSCtn23871.

Affected configurations

Nvd

Node

ciscorvs4000Match1

ciscorvs4000Match2

AND

ciscorvs4000_softwareMatch1.3.0.5

ciscorvs4000_softwareMatch1.3.1.0

ciscorvs4000_softwareMatch1.3.2.0

ciscorvs4000_softwareMatch2.0.0.3

Node

ciscowrvs4400nMatch1.0

ciscowrvs4400nMatch1.1

ciscowrvs4400nMatch2

AND

ciscowrvs4400n_softwareMatch1.3.0.5

ciscowrvs4400n_softwareMatch1.3.1.0

ciscowrvs4400n_softwareMatch1.3.2.0

ciscowrvs4400n_softwareMatch2.0.0.3

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b7f190.shtml

www.securitytracker.com/id?1025565

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

61.2%

JSON

Related for NVD:CVE-2011-1646

cvelist1 prion1 cve1 securityvulns2