This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote host has an endpoint security application installed that is
potentially affected by a remote code execution vulnerability.
According to the version identified on the Management Center for Cisco
Agents web interface, the remote host is potentially affected by a
remote code execution vulnerability. This is due to the 'webagent.exe'
script failing to properly process POST request parameters. A remote,
unauthenticated attacker can exploit this issue by creating an arbitrary
file with a crafted 'st_upload' request, which the attacker could use to
execute arbitrary code on the remote host.
See also :
Upgrade to Cisco Security Agent 220.127.116.11 or later, or apply the
workaround specified in the vendor advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true