PT-2011-4816 · Cisco · Srp521W+5

Publicado

2011-11-03

Atualizado

2017-08-29

CVE-2011-4005

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Small Business SRP521W, SRP526W, and SRP527W versions prior to 1.1.24 Cisco Small Business SRP541W, SRP546W, and SRP547W versions prior to 1.2.1

Description A cross-site request forgery (CSRF) issue exists in the Services Ready Platform Configuration Utility web interface, allowing remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands.

Recommendations For Cisco Small Business SRP521W, SRP526W, and SRP527W, update the firmware to version 1.1.24 or later. For Cisco Small Business SRP541W, SRP546W, and SRP547W, update the firmware to version 1.2.1 or later.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2011-4005

Produtos afetados

Srp521W

Srp526W

Srp527W

Srp541W

Srp546W

Srp547W

PT-2011-4816 · Cisco · Srp521W+5

CVE-2011-4005

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6