HIGH✓ PATCH🇬🇧 English

CVE-2010-3036

CVSS 10.0v2.0pub. 2010-10-29upd. 2026-04-29

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Cisco Ciscoworks Common Services

    APP
    Cisco
    3.0.53.0.63.13.1.13.23.3
  • Cisco Ciscoworks Lan Management Solution

    APP
    Cisco
    2.63.03.13.2
  • Cisco Qos Policy Manager

    APP
    Cisco
    4.04.0.14.0.2
  • Cisco Security Manager

    APP
    Cisco
    3.0.23.2
  • Cisco Telepresence Readiness Assessment Manager

    APP
    Cisco
    1.0
  • Cisco Unified Operations Manager

    APP
    Cisco
    2.0.12.0.22.0.3
  • Cisco Unified Service Monitor

    APP
    Cisco
    2.0.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2020-27130CRITICAL9.1ten sam produkt

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to se...

CVE-2019-12630CRITICAL9.8ten sam produkt

A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthentic...

CVE-2020-27125HIGH7.4ten sam produkt

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive ...

CVE-2020-27131HIGH8.1ten sam produkt

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could all...

CVE-2011-3310HIGH9.0ten sam produkt

The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN M...