CVE-2011-2547

EUVD-2011-2530
The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
ciscosa500_software
𝑥
≤ 2.1.18
ciscosa500_software
1.0.14
ciscosa500_software
1.0.15
ciscosa500_software
1.0.17
ciscosa500_software
1.0.39
ciscosa500_software
1.1.21
ciscosa500_software
1.1.42
ciscosa500_software
1.1.65
ciscosa520
*
ciscosa520w
*
ciscosa540
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/45355
http://securitytracker.com/id?1025810
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml
http://www.securityfocus.com/bid/48810
https://exchange.xforce.ibmcloud.com/vulnerabilities/68738
http://secunia.com/advisories/45355
http://securitytracker.com/id?1025810
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml
http://www.securityfocus.com/bid/48810
https://exchange.xforce.ibmcloud.com/vulnerabilities/68738