Vulnerability Details CVE-2011-3305
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.42
EPSS Ranking 97.3%
CVSS Severity
CVSS v2 Score 7.8
References
- http://osvdb.org/76080
- http://secunia.com/advisories/46309
- http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml
- http://www.securityfocus.com/bid/49954
- http://www.securitytracker.com/id?1026142
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70335
- http://osvdb.org/76080
- http://secunia.com/advisories/46309
- http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml
- http://www.securityfocus.com/bid/49954
- http://www.securitytracker.com/id?1026142
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70335
Products affected by CVE-2011-3305
-
cpe:2.3:a:cisco:nac_manager:4.8
-
cpe:2.3:a:cisco:nac_manager:4.8(1)
-
cpe:2.3:a:cisco:nac_manager:4.8(2)
-
cpe:2.3:h:cisco:nac_appliance:-
-
cpe:2.3:h:cisco:nac_appliance:3.6
-
cpe:2.3:h:cisco:nac_appliance:4.0
-
cpe:2.3:h:cisco:nac_appliance:4.1
-
cpe:2.3:h:cisco:nac_appliance:4.5
-
cpe:2.3:h:cisco:nac_appliance:4.6
-
cpe:2.3:h:cisco:nac_appliance:4.7
-
cpe:2.3:h:cisco:nac_appliance:4.7.1
-
cpe:2.3:h:cisco:nac_appliance:4.7.2
-
cpe:2.3:h:cisco:nac_appliance:4.8
-
cpe:2.3:h:cisco:nac_appliance:4.9.2