Published: 23/02/2010 Updated: 17/08/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco security agent 6.0
cisco security agent 5.1
cisco security agent 5.2

The Management Center for Cisco Security Agents is affected by a directory traversal vulnerability and a SQL injection vulnerability Successful exploitation of the directory traversal vulnerability may allow an authenticated attacker to view and download arbitrary files from the server hosting the Management Center Successful exploitation of the ...

CWE-89 http://secunia.com/advisories/38619 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml http://osvdb.org/62444 http://www.securityfocus.com/bid/38272 http://www.securitytracker.com/id?1023606 http://www.vupen.com/english/advisories/2010/0416 https://exchange.xforce.ibmcloud.com/vulnerabilities/56346 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100217-csa

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0147

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect