cbcvebase.
CVE-2010-3036
published 2010-10-29

CVE-2010-3036: Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to…

PriorityP258critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.99%
92.4th percentile
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.

Affected

20 ranges
VendorProductVersion rangeFixed in
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscociscoworks_lan_management_solution
ciscoqos_policy_manager
ciscoqos_policy_manager
ciscoqos_policy_manager
ciscosecurity_manager
ciscosecurity_manager
ciscotelepresence_readiness_assessment_manager
ciscounified_operations_manager
ciscounified_operations_manager
ciscounified_operations_manager
ciscounified_service_monitor

Detection & IOCsextracted from sources · hover to see the quote

port443/TCP
port1741/TCP
  • Monitor for unauthenticated remote buffer overflow attempts against the CiscoWorks Common Services web-server module on TCP ports 443 and 1741, particularly during the authentication phase.
  • The vulnerability is exploitable by a remote unauthenticated attacker; any pre-authentication traffic to these ports from unexpected or external sources should be treated as suspicious.
  • Track Cisco Bug ID CSCti41352 as the canonical identifier for this vulnerability when correlating vendor advisories or patch status.
  • ·No workarounds exist that fully mitigate this vulnerability; only attack surface reduction mitigations are available. Patching to CiscoWorks Common Services 4.0 or later is required.
  • ·The vulnerability affects CiscoWorks Common Services on both Oracle Solaris and Microsoft Windows platforms, so detection and patching efforts must cover both OS environments.

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.