CVE-2011-2547

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
ciscosa500_software
𝑥
≤ 2.1.18
ciscosa500_software
1.0.14
ciscosa500_software
1.0.15
ciscosa500_software
1.0.17
ciscosa500_software
1.0.39
ciscosa500_software
1.1.21
ciscosa500_software
1.1.42
ciscosa500_software
1.1.65
ciscosa520
*
ciscosa520w
*
ciscosa540
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/45355
http://securitytracker.com/id?1025810
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml
http://www.securityfocus.com/bid/48810
https://exchange.xforce.ibmcloud.com/vulnerabilities/68738
http://secunia.com/advisories/45355
http://securitytracker.com/id?1025810
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml
http://www.securityfocus.com/bid/48810
https://exchange.xforce.ibmcloud.com/vulnerabilities/68738