Sybase SQL Anywhere Vulnerability in CiscoWorks Common Services
CVE-2011-2042

Currently unrated

Key Information:

Vendor: Cisco
Status: Ciscoworks Common Services
Vendor: CVE Published:; 22 October 2011

Summary

The Sybase SQL Anywhere database component in CiscoWorks Common Services versions 3.x and 4.x prior to 4.1 has a vulnerability that allows remote attackers to potentially access sensitive information, such as the engine name and database port. This exposure occurs through an undefined request directed at UDP port 2638, leaving the database configuration open to unauthorized scrutiny and potential exploitation.

References

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_commo...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 22, 2011