CVE-2011-2547

high

Description

The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/68738

http://www.securityfocus.com/bid/48810

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml

http://securitytracker.com/id?1025810

http://secunia.com/advisories/45355

Details

Source: Mitre, NVD

Published: 2011-07-28

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00613