certfr_avis - CERTA-2011-AVI-404

CERTA-2011-AVI-404

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans les produits Cisco SA 500 Series Security Appliances permettent à une personne malintentionnée soit d'élever ses privilèges, soit de porter atteinte à la confidentialité des données.

Description

Deux vulnérabilités dans les produits Cisco SA 500 Series Security Appliances ont été découvertes :

la première permet à une personne distante non authentifiée de porter atteinte à la confidentialité des données d'identification via une injection de code SQL (CVE-2011-2546) ;
la seconde permet à un utilisateur authentifié d'élever ses privilèges sur le système par l'envoi de paramètres spécifiques via des formulaires web (CVE-2011-2547).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco SA520 ;
Cisco	N/A	Cisco SA520W ;
Cisco	N/A	Cisco SA540.

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20110720-sa500 du 20 juillet 2011	None	vendor-advisory
Bulletin de sécurité Cisco 20110720-sa500 du 20 juillet 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco SA520 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco SA520W ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco SA540.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s dans les produits Cisco SA 500 Series Security\nAppliances ont \u00e9t\u00e9 d\u00e9couvertes :\n\n-   la premi\u00e8re permet \u00e0 une personne distante non authentifi\u00e9e de\n    porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es d\u0027identification\n    via une injection de code SQL (CVE-2011-2546) ;\n-   la seconde permet \u00e0 un utilisateur authentifi\u00e9 d\u0027\u00e9lever ses\n    privil\u00e8ges sur le syst\u00e8me par l\u0027envoi de param\u00e8tres sp\u00e9cifiques via\n    des formulaires web (CVE-2011-2547).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-2546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2546"
    },
    {
      "name": "CVE-2011-2547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2547"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20110720-sa500 du 20 juillet    2011 :",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110720-sa500.shtml"
    }
  ],
  "reference": "CERTA-2011-AVI-404",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-07-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans les produits Cisco SA 500 Series Security\nAppliances permettent \u00e0 une personne malintentionn\u00e9e soit d\u0027\u00e9lever ses\nprivil\u00e8ges, soit de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans les produits Cisco SA 500 Series Security Appliances",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20110720-sa500 du 20 juillet 2011",
      "url": null
    }
  ]
}

CVE-2011-2547 (GCVE-0-2011-2547)

Vulnerability from cvelistv5 – Published: 2011-07-28 22:00 – Updated: 2024-08-06 23:08

Summary

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/45355	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://securitytracker.com/id?1025810	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/48810	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:08:22.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "45355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45355"
          },
          {
            "name": "cisco-sa500-interface-command-exec(68738)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"
          },
          {
            "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
          },
          {
            "name": "1025810",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025810"
          },
          {
            "name": "48810",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48810"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-07-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "45355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45355"
        },
        {
          "name": "cisco-sa500-interface-command-exec(68738)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"
        },
        {
          "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
        },
        {
          "name": "1025810",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025810"
        },
        {
          "name": "48810",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48810"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-2547",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "45355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45355"
            },
            {
              "name": "cisco-sa500-interface-command-exec(68738)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"
            },
            {
              "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
            },
            {
              "name": "1025810",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025810"
            },
            {
              "name": "48810",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48810"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-2547",
    "datePublished": "2011-07-28T22:00:00",
    "dateReserved": "2011-06-27T00:00:00",
    "dateUpdated": "2024-08-06T23:08:22.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-2546 (GCVE-0-2011-2546)

Vulnerability from cvelistv5 – Published: 2011-07-28 22:00 – Updated: 2024-08-06 23:08

Summary

SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/45355	third-party-advisoryx_refsource_SECUNIA
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://securitytracker.com/id?1025810	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/48812	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:08:22.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "45355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45355"
          },
          {
            "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
          },
          {
            "name": "1025810",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025810"
          },
          {
            "name": "cisco-sa500-login-sql-injection(68737)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68737"
          },
          {
            "name": "48812",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48812"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-07-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "45355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45355"
        },
        {
          "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
        },
        {
          "name": "1025810",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025810"
        },
        {
          "name": "cisco-sa500-login-sql-injection(68737)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68737"
        },
        {
          "name": "48812",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48812"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-2546",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "45355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/45355"
            },
            {
              "name": "20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"
            },
            {
              "name": "1025810",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025810"
            },
            {
              "name": "cisco-sa500-login-sql-injection(68737)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68737"
            },
            {
              "name": "48812",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48812"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-2546",
    "datePublished": "2011-07-28T22:00:00",
    "dateReserved": "2011-06-27T00:00:00",
    "dateUpdated": "2024-08-06T23:08:22.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2011-AVI-404

Description

Solution

CVE-2011-2547 (GCVE-0-2011-2547)

CVE-2011-2546 (GCVE-0-2011-2546)

Tags

Sightings

Nomenclature