Remote Command Execution in CiscoWorks Internetwork Performance Monitor by Cisco
CVE-2008-1157

Currently unrated

Key Information:

Vendor

Cisco
Status
Ciscoworks Internetwork Performance Monitor
Vendor
CVE Published:
14 March 2008

What is CVE-2008-1157?

The vulnerability in CiscoWorks Internetwork Performance Monitor (IPM) 2.6 allows attackers to execute arbitrary commands on the affected system. This is achieved through the creation of a process that can open a command shell, which subsequently listens on a randomly chosen TCP port. As a result, unauthorized users may gain control over the device, significantly compromising network security and integrity. It is crucial for users of Cisco IPM to apply recommended patches and employ security measures to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.cisco.com/warp/public/707/cisco-sa-20080313-ip...
vendor-advisoryx_refsource_CISCO
http://www.vupen.com/english/advisories/2008/0876/references
vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/41208
vdb-entryx_refsource_XF

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.