FKIE_CVE-2011-0364

Vulnerability from fkie_nvd - Published: 2011-02-19 01:00 - Updated: 2026-06-16 23:27
Severity
Summary
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.
References
psirt@cisco.comhttp://secunia.com/advisories/43383Vendor Advisory
psirt@cisco.comhttp://secunia.com/advisories/43393Vendor Advisory
psirt@cisco.comhttp://securityreason.com/securityalert/8095
psirt@cisco.comhttp://securityreason.com/securityalert/8197
psirt@cisco.comhttp://securityreason.com/securityalert/8205
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/archive/1/516505/100/0/threaded
psirt@cisco.comhttp://www.securityfocus.com/bid/46420
psirt@cisco.comhttp://www.securitytracker.com/id?1025088
psirt@cisco.comhttp://www.vupen.com/english/advisories/2011/0424Vendor Advisory
psirt@cisco.comhttp://www.zerodayinitiative.com/advisories/ZDI-11-088
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/65436
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43383Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43393Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/8095
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/8197
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/8205
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/516505/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/46420
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025088
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0424Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-11-088
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/65436
Impacted products
Vendor Product Version
cisco security_agent 5.1
cisco security_agent 5.2
cisco security_agent 6.0
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "psirt@cisco.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6DD0915-7671-42CD-8DF3-0B685389C528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "734B38F1-6FEC-4A94-B1C9-D076750A133F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_agent:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8805C68E-E152-4089-B74C-1B7703ECC064",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request."
    },
    {
      "lang": "es",
      "value": "La consola de administraci\u00f3n (webagent.exe) en Cisco Security Agent v5.1, v5.2 y v6.0 antes de v6.0.2.145 permite a atacantes remotos crear ficheros arbitrarios y ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de par\u00e1metros no especificados en una petici\u00f3n st_upload debidamente modificada."
    }
  ],
  "id": "CVE-2011-0364",
  "lastModified": "2026-06-16T23:27:13.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-02-19T01:00:02.337",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43383"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43393"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securityreason.com/securityalert/8095"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securityreason.com/securityalert/8197"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://securityreason.com/securityalert/8205"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/46420"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1025088"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0424"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8095"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.