Remote Code Execution Vulnerability in Cisco Security Monitoring System
CVE-2006-3733

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Monitoring Analysis And Response System
Vendor: CVE Published:; 21 July 2006

Summary

The jmx-console/HtmlAdaptor in the JBoss web application server, present in versions of Cisco's CS-MARS prior to 4.2.1, is susceptible to a remote code execution vulnerability. Attackers can exploit this weakness to gain administrator privileges and execute arbitrary Java code utilizing the invokeOp action within the BSHDeployer jboss.scripts service. This vulnerability poses a significant risk, allowing unauthorized access and control over the system.

References

http://www.securityfocus.com/bid/19071

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/27811

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-sa-20060719-ma...

vendor-advisoryx_refsource_CISCO

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 21, 2006
Vulnerability Reserved
Jul 19, 2006