CVE-2010-3036

Published Oct 29, 2010

Last updated 4 months ago

CVSS info 10.0

Overview

Description: Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88AD3EC2-36B1-4E34-BD7F-B1D02B32178A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "499CD64C-8692-4BE7-8F5E-5964ACDA1972"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2152A29-7074-4659-AA8A-BB3E793ED4A6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "518309CD-F453-4B0B-8C1D-E534CE0E336B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22DE1462-59AC-40BE-89DF-AB43CA3EC7BE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:update:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D8B4ED2-15B4-4FE1-A159-D6435B5DCA5C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BEE8595-B861-4DAB-9708-B2DA30C36C77"
          },
          {
            "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96C5C060-E09E-4F28-9B87-0417DBFB9368"
          },
          {
            "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83FCE4EC-B432-4768-BF3A-F1A29BD6B4B3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:security_manager:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F831EEB-A499-4C76-A085-52F3D750E0FD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References