Vulnslist

find the latest Cisco vulnerabilities

CiscoWorks Prime LAN Management Solution CRLF Injection and HTTP Response Splitting Vulnerability

Cisco-SA-20120510-CVE-2011-4237 · Medium · Published · Updated

Cisco Prime LAN Management Solution versions prior to 4.2 contain a vulnerability that could allow an unauthenticated, remote attacker to inject arbitrary code and conduct HTTP response-splitting attacks on a targeted system. The vulnerability exists because the affected software improperly sanitizes user-supplied input while handling HTTP headers.  An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link.  If successful, the attacker could conduct carriage return-line feed (CRLF) injection and HTTP response-splitting attacks against the user. Cisco has confirmed this vulnerability and released updated software. To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Users are advised not to open e-mail messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in e-mail messages are safe, they are advised not to open them.

Administrators are advised to monitor affected systems.

CVEsCVE-2011-4237
Cisco Bug IDsNA
CVSS ScoreBase 4.3
Base 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:UC/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
CiscoWorks LAN Management Solution (LMS)

Related Products

Product CVE Evidence
Cisco Nexus Dashboard CVE-2011-4237 Cisco OpenVuln
Cisco Meraki MS Series Switches CVE-2011-4237 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2011-4237 Cisco OpenVuln
CiscoWorks LAN Management Solution (LMS) CVE-2011-4237 Cisco OpenVuln