CVE-2011-0966
6.8
Vector
AV:N/AC:L/Au:S/C:C/I:N/A:N
Exploitability: 8.0 / Impact: 6.9
Source: NVD
Description
Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577.
Affected (11)
Products: Cisco: Ciscoworks Common Services
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 3.3 |
References (10)
Source: psirt@cisco.com
Exploit
Source: psirt@cisco.com
Source: psirt@cisco.com
ExploitURL Repurposed
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitURL Repurposed
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.