CVE-2011-2738
published 2011-09-19CVE-2011-2738: Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN…
PriorityP260critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
10.96%
95.3th percentile
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ciscoworks_lan_management_solution | — | — |
| cisco | ciscoworks_lan_management_solution | — | — |
| cisco | ciscoworks_lan_management_solution | — | — |
| cisco | ciscoworks_lan_management_solution | — | — |
| cisco | ciscoworks_lan_management_solution | — | — |
| cisco | unified_operations_manager | <= 8.5 | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_operations_manager | — | — |
| cisco | unified_service_monitor | <= 8.5 | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor | — | — |
| cisco | unified_service_monitor_and_cisco_unified_operations_manager | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for crafted/anomalous packets to TCP port 9002 targeting Cisco Unified Service Monitor, Unified Operations Manager, or EMC Ionix products — exploitation triggers a buffer overflow enabling remote code execution without authentication. ↗
- →Unauthenticated remote exploitation — no credentials required; any external connection to TCP/9002 on affected hosts should be treated as suspicious. ↗
- ·Vulnerability affects multiple product lines and versions; scope includes Cisco Unified Service Monitor <8.6, Unified Operations Manager <8.6, CiscoWorks LAN Management Solution 3.x/4.x <4.1, and multiple EMC Ionix products (ACM ≤2.3, ASAM ≤3.2.0.2, IP ≤8.1.1.1, and others). Ensure detection coverage spans all affected deployments. ↗
- ·Vulnerabilities are described as 'unspecified' — no packet-level details or PoC are publicly documented, limiting signature-based detection to port/protocol anomaly detection rather than payload matching. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities
vendor_cisco
CVE-2011-2738 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities
CVE-2011-2738: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities
Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released software updates that address these vulnerabilities.
Bug IDs: CSCtn42961
GHSA
GHSA-p673-9wxq-39cc: Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8
ghsa_unreviewed·2022-05-14
CVE-2011-2738 [HIGH] GHSA-p673-9wxq-39cc: Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/45979http://secunia.com/advisories/46016http://secunia.com/advisories/46052http://secunia.com/advisories/46053http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtmlhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtmlhttp://www.osvdb.org/75442http://www.securityfocus.com/archive/1/519646/100/0/threadedhttp://www.securityfocus.com/bid/49627http://www.securityfocus.com/bid/49644http://www.securitytracker.com/id?1026046http://www.securitytracker.com/id?1026047http://www.securitytracker.com/id?1026048http://www.securitytracker.com/id?1026059https://exchange.xforce.ibmcloud.com/vulnerabilities/69828http://secunia.com/advisories/45979http://secunia.com/advisories/46016http://secunia.com/advisories/46052http://secunia.com/advisories/46053http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtmlhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtmlhttp://www.osvdb.org/75442http://www.securityfocus.com/archive/1/519646/100/0/threadedhttp://www.securityfocus.com/bid/49627http://www.securityfocus.com/bid/49644http://www.securitytracker.com/id?1026046http://www.securitytracker.com/id?1026047http://www.securitytracker.com/id?1026048http://www.securitytracker.com/id?1026059https://exchange.xforce.ibmcloud.com/vulnerabilities/69828
2011-09-19
Published