Cisco Unified Operations Manager < 8.6 Multiple Vulnerabilities

critical Nessus Plugin ID 56485

Synopsis

The monitoring application hosted on the remote web server has multiple vulnerabilities.

Description

According to its self-reported version number, the version of Cisco Unified Operations Manager on the remote host has multiple vulnerabilities:

- Multiple reflected cross-site scripting (XSS) vulnerabilities. (CVE-2011-0959, CVE-2011-0961, CVE-2011-0962)

- Multiple blind SQL injection vulnerabilities. (CVE-2011-0960)

- A directory traversal vulnerability in auditLog.do. (CVE-2011-0966)

- An unspecified code execution vulnerability. (CVE-2011-2738)

Solution

Upgrade to Cisco Unified Operations Manager 8.6 or later.
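The plugin's decision rests on a version comparison: a self-reported version below 8.6 is flagged. The check below is an added illustration of that gate, not the plugin's own NASL code; it parses the reported version and compares components numerically so that a release such as 8.10 is not mistaken for being older than 8.6. All version strings used are constructed.

```python
import re

# First non-vulnerable release, per the advisory's solution.
FIXED_VERSION = "8.6"
# CVEs this plugin reports when the version gate fails.
CVES = ("CVE-2011-0959", "CVE-2011-0960", "CVE-2011-0961",
        "CVE-2011-0962", "CVE-2011-0966", "CVE-2011-2738")

# Leading dotted numeric part of a version string; an optional "v" prefix
# and any trailing build/suffix text are ignored.
_VERSION_RE = re.compile(r"^\s*v?(\d+(?:\.\d+)*)")


def parse_version(version: str) -> tuple:
    """Turn '8.5.1 (build 123)' into (8, 5, 1); raise on unparseable input."""
    m = _VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(reported: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the reported version sorts below the fixed release.

    Tuple comparison is numeric and element-wise, so (8, 10) > (8, 6),
    and (8, 6, 0) is not below (8, 6): neither is flagged.
    """
    return parse_version(reported) < parse_version(fixed)


def assess(reported: str) -> dict:
    """Summarise the result the way a scanner finding would."""
    vulnerable = is_vulnerable(reported)
    return {
        "reported": reported,
        "fixed": FIXED_VERSION,
        "vulnerable": vulnerable,
        "cves": CVES if vulnerable else (),
    }


if __name__ == "__main__":
    # Constructed sample versions; "8.10" shows why string comparison
    # ("8.10" < "8.6" is True) would produce a false positive.
    for v in ("8.5", "8.5.1", "8.6", "8.6.0", "8.10"):
        print(f"{v:>6}: vulnerable={assess(v)['vulnerable']}")
```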

See Also

http://www.senseofsecurity.com.au/advisories/SOS-11-006

https://tools.cisco.com/security/center/viewAlert.x?alertId=23085

https://tools.cisco.com/security/center/viewAlert.x?alertId=23086

https://tools.cisco.com/security/center/viewAlert.x?alertId=23087

http://www.nessus.org/u?73d9c279

Plugin Details

Severity: Critical

ID: 56485

File Name: cisco_uom_8_6.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 10/13/2011

Updated: 6/5/2024

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:unified_operations_manager

Required KB Items: www/cisco_uom

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/18/2011

Vulnerability Publication Date: 5/18/2011

Reference Information

CVE: CVE-2011-0959, CVE-2011-0960, CVE-2011-0961, CVE-2011-0962, CVE-2011-0966, CVE-2011-2738

BID: 47898, 47901, 47903, 49627

CISCO-SA: cisco-sa-20110914-cusm

IAVA: 2011-A-0132-S

CISCO-BUG-ID: CSCtn42961, CSCtn61716, CSCto12704, CSCto12712, CSCto35577