You are here

T-725: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code

September 23, 2011 - 9:00am

Addthis

PROBLEM:

Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilitiry Code.

PLATFORM:

Cisco Unified Service Monitor prior to version 8.6
Cisco Unified Operations Manager prior to version 8.6
CiscoWorks LAN Management Solution software releases 3.1, 3.2, and 4.0.

ABSTRACT:

Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers.

referenceĀ  LINKS:

Cisco Security Advisory 113173
Cisco Security Advisory 113092
Cisco Applied Mitigation Bulletin
CVE-2011-2738

IMPACT ASSESSMENT:

High

Discussion:

Multiple Cisco products are prone to multiple remote code-execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected devices. Failed exploit attempts may result in a denial of service.

Impact:

Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers.

Solution:

Cisco Security Advisories and Notices
CiscoWorks LAN Management Software Download
Cisco Unified Service Monitor Software Download

Addthis