CVE-2011-2546

Currently unrated

Key Information:

Vendor: Cisco
Status: Sa500 Software; Sa520; Sa520w; Sa540
Vendor: CVE Published:; 28 July 2011

Summary

SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.

References

http://secunia.com/advisories/45355

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://securitytracker.com/id?1025810

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 28, 2011
Vulnerability Reserved
Jun 27, 2011