cvelistv5 - cve-2011-0966

CVE-2011-0966 (GCVE-0-2011-0966)

Vulnerability from cvelistv5 – Published: 2011-05-20 22:00 – Updated: 2024-08-06 22:14

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.senseofsecurity.com.au/advisories/SOS-…	x_refsource_MISC
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC
	http://www.exploit-db.com/exploits/17304	exploitx_refsource_EXPLOIT-DB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://tools.cisco.com/security/center/viewAlert.…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:26.470Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
          },
          {
            "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
          },
          {
            "name": "17304",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/17304"
          },
          {
            "name": "cisco-uom-auditlog-directory-traversal(67525)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
        },
        {
          "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
        },
        {
          "name": "17304",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/17304"
        },
        {
          "name": "cisco-uom-auditlog-directory-traversal(67525)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0966",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
              "refsource": "MISC",
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-auditlog-directory-traversal(67525)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
            },
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089",
              "refsource": "CONFIRM",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2011-0966",
    "datePublished": "2011-05-20T22:00:00",
    "dateReserved": "2011-02-10T00:00:00",
    "dateUpdated": "2024-08-06T22:14:26.470Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.3\", \"matchCriteriaId\": \"9C789014-B8C1-4883-BB5A-15410A35935B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB432B6D-CFC5-4C0D-B655-58C595DAD622\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A94D689-5C27-4F34-806F-CD107ADF9893\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C905C4D-58D5-46E3-944F-53DCB147B34C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B91D77A-A96A-4A64-AFFE-7ECE001D2038\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88AD3EC2-36B1-4E34-BD7F-B1D02B32178A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"499CD64C-8692-4BE7-8F5E-5964ACDA1972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2152A29-7074-4659-AA8A-BB3E793ED4A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"518309CD-F453-4B0B-8C1D-E534CE0E336B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de salto de directorio en cwhp/auditLog.do en el componente Homepage Auditing en Cisco CiscoWorks Common Services v3.3 y anteriores permite a atacantes remotos leer archivos de su elecci\\u00f3n a trav\\u00e9s de un .. (punto punto) en el par\\u00e1metro de archivo, tambi\\u00e9n conocido como Bug ID CSCto35577.\"}]",
      "id": "CVE-2011-0966",
      "lastModified": "2024-11-21T01:25:12.973",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:N/A:N\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-05-20T22:55:03.063",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=23089\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.exploit-db.com/exploits/17304\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/67525\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=23089\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.exploit-db.com/exploits/17304\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/67525\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0966\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2011-05-20T22:55:03.063\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en cwhp/auditLog.do en el componente Homepage Auditing en Cisco CiscoWorks Common Services v3.3 y anteriores permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de un .. (punto punto) en el par\u00e1metro de archivo, tambi\u00e9n conocido como Bug ID CSCto35577.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:N/A:N\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.3\",\"matchCriteriaId\":\"9C789014-B8C1-4883-BB5A-15410A35935B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB432B6D-CFC5-4C0D-B655-58C595DAD622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A94D689-5C27-4F34-806F-CD107ADF9893\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C905C4D-58D5-46E3-944F-53DCB147B34C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B91D77A-A96A-4A64-AFFE-7ECE001D2038\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88AD3EC2-36B1-4E34-BD7F-B1D02B32178A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"499CD64C-8692-4BE7-8F5E-5964ACDA1972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2152A29-7074-4659-AA8A-BB3E793ED4A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"518309CD-F453-4B0B-8C1D-E534CE0E336B\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=23089\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.exploit-db.com/exploits/17304\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67525\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=23089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.exploit-db.com/exploits/17304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67525\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2011-0966

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-0966

Aliases

CVE-2011-0966

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-0966",
    "description": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.",
    "id": "GSD-2011-0966",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2011-0966"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-0966"
      ],
      "details": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.",
      "id": "GSD-2011-0966",
      "modified": "2023-12-13T01:19:04.537898Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2011-0966",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
            "refsource": "MISC",
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
          },
          {
            "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
          },
          {
            "name": "17304",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/17304"
          },
          {
            "name": "cisco-uom-auditlog-directory-traversal(67525)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
          },
          {
            "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089",
            "refsource": "CONFIRM",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2011-0966"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
            },
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
            },
            {
              "name": "20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
            },
            {
              "name": "17304",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.exploit-db.com/exploits/17304"
            },
            {
              "name": "cisco-uom-auditlog-directory-traversal(67525)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:33Z",
      "publishedDate": "2011-05-20T22:55Z"
    }
  }
}

FKIE_CVE-2011-0966

Vulnerability from fkie_nvd - Published: 2011-05-20 22:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html	Exploit
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=23089
psirt@cisco.com	http://www.exploit-db.com/exploits/17304	Exploit
psirt@cisco.com	http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf	Exploit, URL Repurposed
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/67525
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=23089
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/17304	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf	Exploit, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67525

Impacted products

Vendor	Product	Version
cisco	ciscoworks_common_services	*
cisco	ciscoworks_common_services	1.0
cisco	ciscoworks_common_services	2.2
cisco	ciscoworks_common_services	3.0
cisco	ciscoworks_common_services	3.0.3
cisco	ciscoworks_common_services	3.0.4
cisco	ciscoworks_common_services	3.0.5
cisco	ciscoworks_common_services	3.0.6
cisco	ciscoworks_common_services	3.1
cisco	ciscoworks_common_services	3.1.1
cisco	ciscoworks_common_services	3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C789014-B8C1-4883-BB5A-15410A35935B",
              "versionEndIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB432B6D-CFC5-4C0D-B655-58C595DAD622",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A94D689-5C27-4F34-806F-CD107ADF9893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C905C4D-58D5-46E3-944F-53DCB147B34C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B91D77A-A96A-4A64-AFFE-7ECE001D2038",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "88AD3EC2-36B1-4E34-BD7F-B1D02B32178A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "499CD64C-8692-4BE7-8F5E-5964ACDA1972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2152A29-7074-4659-AA8A-BB3E793ED4A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "518309CD-F453-4B0B-8C1D-E534CE0E336B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en cwhp/auditLog.do en el componente Homepage Auditing en Cisco CiscoWorks Common Services v3.3 y anteriores permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de un .. (punto punto) en el par\u00e1metro de archivo, tambi\u00e9n conocido como Bug ID CSCto35577."
    }
  ],
  "id": "CVE-2011-0966",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-20T22:55:03.063",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201105-0050

Vulnerability from variot - Updated: 2024-02-14 22:47

Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577. CiscoWorks Common Services is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer. This issue is being monitored by Cisco Bug ID CSCto35577. CiscoWorks Common Services 3.3 and prior are vulnerable. ----------------------------------------------------------------------

http://twitter.com/secunia

http://www.facebook.com/Secunia

TITLE: CiscoWorks Common Services "file" Directory Traversal Vulnerability

SECUNIA ADVISORY ID: SA44646

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44646/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44646

RELEASE DATE: 2011-05-20

DISCUSS ADVISORY: http://secunia.com/advisories/44646/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/44646/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=44646

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A vulnerability has been reported in CiscoWorks Common Services, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "file" parameter to cwhp/auditLog.do in the Homepage Auditing component is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

SOLUTION: Restrict access to trusted hosts only.

PROVIDED AND/OR DISCOVERED BY: Sense of Security Labs

ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=23089

Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-006

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Sense of Security - Security Advisory - SOS-11-006

Release Date. 18-May-2011 Last Update. - Vendor Notification Date. 28-Feb-2011 Product. Platform. Microsoft Windows Affected versions. CuOM 8.0 and 8.5 (verified), possibly others. Severity Rating. Medium - Low Impact. Database access, cookie and credential theft, impersonation, loss of confidentiality, local file disclosure, information disclosure. Attack Vector. Remote with authentication Solution Status. Vendor patch (upgrade to CuOM 8.6 as advised by Cisco) CVE reference. CVE-2011-0959 (CSCtn61716) CVE-2011-0960 (CSCtn61716) CVE-2011-0961 (CSCto12704) CVE-2011-0962 (CSCto12712) CVE-2011-0966 (CSCto35577)

Details. Cisco Unified Operations Manager (CuOM) is a NMS for voice developed by Cisco Systems. Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the underlying transport infrastructure in your network.

Multiple vulnerabilities have been identified in Cisco Unified Operations Manager and associated products. These vulnerabilities include multiple blind SQL injections, multiple XSS. and a directory traversal vulnerability.

Blind SQL injection vulnerabilities that affect CuOM CVE-2011-0960 (CSCtn61716): The Variable CCMs of PRTestCreation can trigger a blind SQL injection vulnerability by supplying a single quote, followed by a time delay call: /iptm/PRTestCreation.do?RequestSource=dashboard&MACs=&CCMs='waitfor%20 delay'0:0:20'--&Extns=&IPs=

Additionally, variable ccm of TelePresenceReportAction can trigger a blind SQL injection vulnerability by supplying a single quote: /iptm/TelePresenceReportAction.do?ccm='waitfor%20delay'0:0:20'--

Directory traversal vulnerability that affects CiscoWorks Homepage CVE-2011-0966 (CSCto35577): http://target:1741/cwhp/auditLog.do?file=..............\boot.ini cmfDBA user database info: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\MDC\Tomcat\webapps\triveni\WEB-INF\classes\schedule.prope rties DB connection info for all databases: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\lib\classpath\com\cisco\nm\cmf\dbservice2\DBServer.proper ties Note: When reading large files such as this file, ensure the row limit is adjusted to 500 for example. DB password change log: http://target:1741/cwhp/auditLog.do?file=..............\Program Files\CSCOpx\log\dbpwdChange.log Solution. Upgrade to CuOM 8.6. Refer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and CSCto35577 for information on patches and availability of fixes.

Discovered by. Sense of Security Labs.

About us. Sense of Security is a leading provider of information security and risk management solutions. Our team has expert skills in assessment and assurance, strategy and architecture, and deployment through to ongoing management. We are Australia's premier application penetration testing firm and trusted IT security advisor to many of the countries largest organisations.

Sense of Security Pty Ltd Level 8, 66 King St Sydney NSW 2000 AUSTRALIA

T: +61 (0)2 9290 4444 F: +61 (0)2 9290 4455 W: http://www.senseofsecurity.com.au E: info@senseofsecurity.com.au Twitter: @ITsecurityAU

The latest version of this advisory can be found at: http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf

Other Sense of Security advisories can be found at: http://www.senseofsecurity.com.au/research/it-security-advisories.php

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201105-0050",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0.3"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0.5"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0.4"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0.6"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.2"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.1.1"
      },
      {
        "model": "ciscoworks common services",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.6"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.1"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0.3"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0.5"
      },
      {
        "model": "ciscoworks common services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3.0"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0.4"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0.6"
      },
      {
        "model": "ciscoworks common services base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "47905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sense of Security Labs",
    "sources": [
      {
        "db": "BID",
        "id": "47905"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-0966",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.8,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2011-0966",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-48911",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-0966",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201105-201",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-48911",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577. CiscoWorks Common Services is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. \nA remote attacker could exploit this vulnerability using  directory-traversal strings (such as \u0027../\u0027) to gain access to arbitrary  files on the targeted system. This may result in the disclosure of  sensitive information or lead to a complete compromise of the affected  computer. \nThis issue is being monitored by Cisco Bug ID CSCto35577. \nCiscoWorks Common Services 3.3 and prior are vulnerable. ----------------------------------------------------------------------\n\n\nhttp://twitter.com/secunia\n\nhttp://www.facebook.com/Secunia\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCiscoWorks Common Services \"file\" Directory Traversal Vulnerability\n\nSECUNIA ADVISORY ID:\nSA44646\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44646/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44646\n\nRELEASE DATE:\n2011-05-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44646/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44646/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44646\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CiscoWorks Common Services,\nwhich can be exploited by malicious people to disclose sensitive\ninformation. \n\nInput passed via the \"file\" parameter to cwhp/auditLog.do in the\nHomepage Auditing component is not properly verified before being\nused to read files. This can be exploited to disclose the contents of\narbitrary files via directory traversal sequences. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nSense of Security Labs\n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=23089\n\nSense of Security Labs:\nhttp://www.senseofsecurity.com.au/advisories/SOS-11-006\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Sense of Security - Security Advisory - SOS-11-006\n\nRelease Date.                  18-May-2011\nLast Update.                   -\nVendor Notification Date.      28-Feb-2011\nProduct. \nPlatform.                      Microsoft Windows\nAffected versions.             CuOM 8.0 and 8.5 (verified),\n                               possibly others. \nSeverity Rating.               Medium - Low\nImpact.                        Database access, cookie and credential\n                               theft, impersonation, loss of\n                               confidentiality, local file disclosure,\n                               information disclosure. \nAttack Vector.                 Remote with authentication\nSolution Status.               Vendor patch (upgrade to CuOM 8.6 as\n                               advised by Cisco)\nCVE reference.                 CVE-2011-0959 (CSCtn61716)\n                               CVE-2011-0960 (CSCtn61716)\n                               CVE-2011-0961 (CSCto12704)\n                               CVE-2011-0962 (CSCto12712)\n                               CVE-2011-0966 (CSCto35577)\n\nDetails. \nCisco Unified Operations Manager (CuOM) is a NMS for voice developed by\nCisco Systems. Operations Manager monitors and evaluates the current\nstatus of both the IP communications infrastructure and the underlying\ntransport infrastructure in your network. \n\nMultiple vulnerabilities have been identified in Cisco Unified\nOperations Manager and associated products. These vulnerabilities\ninclude multiple blind SQL injections, multiple XSS. and a directory\ntraversal vulnerability. \n\n1. Blind SQL injection vulnerabilities that affect CuOM\nCVE-2011-0960 (CSCtn61716):\nThe Variable CCMs of PRTestCreation can trigger a blind SQL injection\nvulnerability by supplying a single quote, followed by a time delay\ncall:\n/iptm/PRTestCreation.do?RequestSource=dashboard\u0026MACs=\u0026CCMs=\u0027waitfor%20\ndelay\u00270:0:20\u0027--\u0026Extns=\u0026IPs=\n\nAdditionally, variable ccm of TelePresenceReportAction can trigger a\nblind SQL injection vulnerability by supplying a single quote:\n/iptm/TelePresenceReportAction.do?ccm=\u0027waitfor%20delay\u00270:0:20\u0027--\n\n2. Directory traversal vulnerability that affects CiscoWorks Homepage\nCVE-2011-0966 (CSCto35577):\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\boot.ini\ncmfDBA user database info:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\MDC\\Tomcat\\webapps\\triveni\\WEB-INF\\classes\\schedule.prope\nrties\nDB connection info for all databases:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\lib\\classpath\\com\\cisco\\nm\\cmf\\dbservice2\\DBServer.proper\nties\nNote: When reading large files such as this file, ensure the row\nlimit is adjusted to 500 for example. \nDB password change log:\nhttp://target:1741/cwhp/auditLog.do?file=..\\..\\..\\..\\..\\..\\..\\Program \nFiles\\CSCOpx\\log\\dbpwdChange.log\nSolution. \nUpgrade to CuOM 8.6. \nRefer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and\nCSCto35577 for information on patches and availability of fixes. \n\nDiscovered by. \nSense of Security Labs. \n\nAbout us. \nSense of Security is a leading provider of information\nsecurity and risk management solutions. Our team has expert\nskills in assessment and assurance, strategy and architecture,\nand deployment through to ongoing management. We are\nAustralia\u0027s premier application penetration testing firm and\ntrusted IT security advisor to many of the countries largest\norganisations. \n\nSense of Security Pty Ltd \nLevel 8, 66 King St\nSydney NSW 2000\nAUSTRALIA\n\nT: +61 (0)2 9290 4444\nF: +61 (0)2 9290 4455\nW: http://www.senseofsecurity.com.au\nE: info@senseofsecurity.com.au\nTwitter: @ITsecurityAU\n\nThe latest version of this advisory can be found at:\nhttp://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf\n\nOther Sense of Security advisories can be found at:\nhttp://www.senseofsecurity.com.au/research/it-security-advisories.php\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "BID",
        "id": "47905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "PACKETSTORM",
        "id": "101558"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-48911",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-0966",
        "trust": 2.9
      },
      {
        "db": "EXPLOIT-DB",
        "id": "17304",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201",
        "trust": 0.7
      },
      {
        "db": "SECUNIA",
        "id": "44646",
        "trust": 0.7
      },
      {
        "db": "FULLDISC",
        "id": "20110518 CISCO UNIFIED OPERATIONS MANAGER MULTIPLE VULNERABILITIES - SOS-11-006",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "67525",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "47905",
        "trust": 0.4
      },
      {
        "db": "EXPLOIT-DB",
        "id": "35781",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-48911",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "101558",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "101518",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "BID",
        "id": "47905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "PACKETSTORM",
        "id": "101558"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "id": "VAR-201105-0050",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-02-14T22:47:00.334000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "23089",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23089"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23089"
      },
      {
        "trust": 1.8,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.exploit-db.com/exploits/17304"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0966"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0966"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/67525"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/44646"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006.pdf "
      },
      {
        "trust": 0.1,
        "url": "http://twitter.com/secunia"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://www.facebook.com/secunia"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/44646/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-11-006"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44646"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/44646/"
      },
      {
        "trust": 0.1,
        "url": "http://target:1741/cwhp/auditlog.do?file=..\\..\\..\\..\\..\\..\\..\\program"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0961"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0960"
      },
      {
        "trust": 0.1,
        "url": "http://www.senseofsecurity.com.au/research/it-security-advisories.php"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0962"
      },
      {
        "trust": 0.1,
        "url": "http://target:1741/cwhp/auditlog.do?file=..\\..\\..\\..\\..\\..\\..\\boot.ini"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0966"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0959"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "BID",
        "id": "47905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "PACKETSTORM",
        "id": "101558"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "db": "BID",
        "id": "47905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "db": "PACKETSTORM",
        "id": "101558"
      },
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-05-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "date": "2011-05-18T00:00:00",
        "db": "BID",
        "id": "47905"
      },
      {
        "date": "2011-12-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "date": "2011-05-19T07:22:58",
        "db": "PACKETSTORM",
        "id": "101558"
      },
      {
        "date": "2011-05-18T14:17:13",
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "date": "2011-05-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "date": "2011-05-20T22:55:03.063000",
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-48911"
      },
      {
        "date": "2011-05-18T00:00:00",
        "db": "BID",
        "id": "47905"
      },
      {
        "date": "2011-12-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      },
      {
        "date": "2011-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      },
      {
        "date": "2024-02-14T01:17:43.863000",
        "db": "NVD",
        "id": "CVE-2011-0966"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "101518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco CiscoWorks Common Services Vulnerable to directory traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-003131"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201105-201"
      }
    ],
    "trust": 0.6
  }
}

GHSA-5PM8-4CGQ-C8FP

Vulnerability from github – Published: 2022-05-17 02:01 – Updated: 2022-05-17 02:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0966"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-05-20T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.",
  "id": "GHSA-5pm8-4cgq-c8fp",
  "modified": "2022-05-17T02:01:32Z",
  "published": "2022-05-17T02:01:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0966"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67525"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0371.html"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=23089"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/17304"
    },
    {
      "type": "WEB",
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-11-006.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-0966 (GCVE-0-2011-0966)

GSD-2011-0966

FKIE_CVE-2011-0966

VAR-201105-0050

GHSA-5PM8-4CGQ-C8FP

Tags

Sightings

Nomenclature