CVE-2011-2546
Published Jul 28, 2011
Last updated 7 years ago
Overview
- Description
- SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F34CEB78-9F68-4BF7-BB70-7AF03524CA9D",
"versionEndIncluding": "2.1.18"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "988B2905-DE56-417F-BDFC-26C3120F4FE9"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B1DCFEE-D2CA-46EC-B92B-7BC6D84A863F"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6969B8E-BA94-4E5C-8864-886EC7DB5568"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.0.39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F3EFD6F-BCA3-4578-ACB7-CDA48C66F8A8"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.1.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8D0F427-03DB-4B77-AD44-2CF30A3A8468"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.1.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D1CC976-BE22-4C5B-A877-ED78544C2730"
},
{
"criteria": "cpe:2.3:a:cisco:sa500_software:1.1.65:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE089465-47D4-48EC-878A-B045E78A6D7A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:sa520:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41EA22A9-7330-473D-A8F6-625EACF21B35"
},
{
"criteria": "cpe:2.3:h:cisco:sa520w:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C7A7463-BCAC-4DD8-920A-2D3134D3B579"
},
{
"criteria": "cpe:2.3:h:cisco:sa540:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86F2ED99-EB36-4FB6-8404-BF0DDD2B2AEA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]