cisco-sa-20111102-srp500

Cisco Small Business SRP500 Series Command Injection Vulnerability

cisco-sa-20111102-srp500 · Critical · Published 14 years ago · Updated 14 years ago

Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability.  The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111102-srp500.

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEs	CVE-2011-4005
Cisco Bug IDs	CSCtr45124
CVSS Score	Base 9.3 Base 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C
Product Names From Source	Cisco Small Business SRP500 Series Services Ready Platforms

Related Products

Product	CVE	Evidence
Cisco Small Business SRP500 Series Services Ready Platforms	CVE-2011-4005	Cisco OpenVuln
Cisco SRP500 Services Ready Platforms	CVE-2011-4005	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco Small Business SRP500 Series Command Injection Vulnerability

Workarounds

Related Products