Vulnerability Details CVE-2010-3036
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.284
EPSS Ranking 96.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/68927
- http://secunia.com/advisories/42011
- http://securitytracker.com/id?1024646
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
- http://www.securityfocus.com/bid/44468
- http://www.vupen.com/english/advisories/2010/2793
- http://osvdb.org/68927
- http://secunia.com/advisories/42011
- http://securitytracker.com/id?1024646
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
- http://www.securityfocus.com/bid/44468
- http://www.vupen.com/english/advisories/2010/2793
Products affected by CVE-2010-3036
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.1
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.2
-
cpe:2.3:a:cisco:ciscoworks_common_services:3.3
-
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6
-
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0
-
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1
-
cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2
-
cpe:2.3:a:cisco:qos_policy_manager:4.0
-
cpe:2.3:a:cisco:qos_policy_manager:4.0.1
-
cpe:2.3:a:cisco:qos_policy_manager:4.0.2
-
cpe:2.3:a:cisco:security_manager:3.0.2
-
cpe:2.3:a:cisco:security_manager:3.2
-
cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0
-
cpe:2.3:a:cisco:unified_operations_manager:2.0.1
-
cpe:2.3:a:cisco:unified_operations_manager:2.0.2
-
cpe:2.3:a:cisco:unified_operations_manager:2.0.3
-
cpe:2.3:a:cisco:unified_service_monitor:2.0.1