CVE-2011-3305
Published 2011-10-06
Priority: P261 high, 7.8 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
EXPLOIT
EPSS: 21.59% (97.3th percentile)
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | nac_manager | — | — |
| cisco | nac_manager | — | — |
| cisco | nac_manager | — | — |
| cisco | network_admission_control_manager | — | — |
Detection & IOCs
- Directory traversal attack targeting Cisco NAC Manager 4.8.x over TCP port 443; look for path traversal sequences (e.g., '../') in HTTPS requests to the device.
- Exploitation is unauthenticated: no credentials are required. Flag any unauthenticated traversal attempts reaching the NAC Manager web interface.
- A Metasploit auxiliary module exists for this CVE; consider its FILE (e.g. passwd or hosts), MAXDIRS, and RPORT parameters when hunting for exploitation attempts in logs.
- Reference Cisco Bug ID CSCtq10755 when correlating vendor advisories or patch status for affected NAC Manager 4.8.x devices.
- No workarounds are available; the only mitigation is applying the vendor-supplied software update.
CVSS provenance
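| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.8 | HIGH | AV:N/AC:L/Au:N/C:C/I:N/A:N |
| vendor_cisco | — | 7.8 | HIGH | — |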
GHSA
GHSA-wg34-hr85-f688: Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4
ghsa_unreviewed·2022-05-17
CVE-2011-3305 [HIGH] CWE-22 GHSA-wg34-hr85-f688: Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4
Cisco
Directory Traversal Vulnerability in Cisco Network Admission Control Manager
vendor_cisco·2011-10-05·CVSS 7.8
CVE-2011-3305 [HIGH] CWE-22 Directory Traversal Vulnerability in Cisco Network Admission Control Manager
Cisco Network Admission Control (NAC) Manager contains a directory traversal vulnerability that may allow an unauthenticated attacker to obtain system information.
There are no workarounds to mitigate this vulnerability.
Cisco has released software updates that address this vulnerability.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-nac.
CWE: CWE-22
Bug IDs: CSCtq10755
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/76080
http://secunia.com/advisories/46309
http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml
http://www.securityfocus.com/bid/49954
http://www.securitytracker.com/id?1026142
https://exchange.xforce.ibmcloud.com/vulnerabilities/70335