cbcvebase.
CVE-2011-3310
published 2011-10-20

CVE-2011-3310: The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco…

PriorityP260critical9CVSS 2.0
AVNACLAuSCCICAC
EPSS
15.16%
96.3th percentile
The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.

Affected

8 ranges
VendorProductVersion rangeFixed in
ciscociscoworks_common_services<= 4.0.1
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services
ciscociscoworks_common_services

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability is triggered via a crafted URL sent by a remote authenticated user to the Home Page component of CiscoWorks Common Services on Windows; monitor for anomalous or unexpected URL patterns targeting this component
  • Successful exploitation grants SYSTEM-level privileges; alert on CiscoWorks processes spawning unexpected child processes or executing OS commands
  • ·Vulnerability affects CiscoWorks Common Services versions before 4.1 on Windows only; non-Windows deployments are not affected
  • ·Multiple Cisco products share this vulnerable component; all should be assessed: CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager
  • ·There are no workarounds available; patching to Common Services 4.1 or later is the only mitigation
  • ·Tracked under multiple Cisco Bug IDs: CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, CSCtt25535

CVSS provenance

nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_cisco9.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.