Detections
Analytics

CVE-2011-0364

critical

Description

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65436

http://www.zerodayinitiative.com/advisories/ZDI-11-088

http://www.vupen.com/english/advisories/2011/0424

http://www.securitytracker.com/id?1025088

http://www.securityfocus.com/bid/46420

http://www.securityfocus.com/archive/1/516505/100/0/threaded

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml

http://securityreason.com/securityalert/8205

http://securityreason.com/securityalert/8197

http://securityreason.com/securityalert/8095

http://secunia.com/advisories/43393

http://secunia.com/advisories/43383

Details

Source: Mitre, NVD

Published: 2011-02-19

Updated: 2018-10-10

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical