CVE-2011-1645

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute arbitrary code, via unspecified vectors, aka Bug ID CSCtn23871.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f190.shtml	Vendor Advisory
http://www.securitytracker.com/id?1025565
http://www.securityfocus.com/bid/47988

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:cisco:rvs4000:2:::::::*
	cpe:2.3:h:cisco:rvs4000:1:::::::*

OR	cpe:2.3:a:cisco:rvs4000_software:2.0.0.3:::::::*
	cpe:2.3:a:cisco:rvs4000_software:1.3.2.0:::::::*
	cpe:2.3:a:cisco:rvs4000_software:1.3.1.0:::::::*
	cpe:2.3:a:cisco:rvs4000_software:1.3.0.5:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:h:cisco:wrvs4400n:1.1:::::::*
	cpe:2.3:h:cisco:wrvs4400n:2:::::::*
	cpe:2.3:h:cisco:wrvs4400n:1.0:::::::*

OR	cpe:2.3:a:cisco:wrvs4400n_software:1.3.2.0:::::::*
	cpe:2.3:a:cisco:wrvs4400n_software:1.3.0.5:::::::*
	cpe:2.3:a:cisco:wrvs4400n_software:2.0.0.3:::::::*
	cpe:2.3:a:cisco:wrvs4400n_software:1.3.1.0:::::::*

Information

Published : 2011-05-31 13:55

Updated : 2011-09-06 20:16

NVD link : CVE-2011-1645

Mitre link : CVE-2011-1645

JSON object : View

CWE

CWE-16

Configuration

Products Affected

cisco

wrvs4400n_software
rvs4000
wrvs4400n
rvs4000_software

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f190.shtml", "name": "20110525 Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securitytracker.com/id?1025565", "name": "1025565", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/47988", "name": "47988", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute arbitrary code, via unspecified vectors, aka Bug ID CSCtn23871."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-16"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-1645", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-05-31T20:55Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:rvs4000:2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:rvs4000:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:rvs4000_software:2.0.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:rvs4000_software:1.3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:rvs4000_software:1.3.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:rvs4000_software:1.3.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:wrvs4400n:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:wrvs4400n:2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:wrvs4400n:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:wrvs4400n_software:1.3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:wrvs4400n_software:1.3.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:wrvs4400n_software:2.0.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:wrvs4400n_software:1.3.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-09-07T03:16Z"}

9.3 /10