CiscoWorks Common Services Remote Command Injection Vulnerability

CiscoWorks Common Services is prone to a remote command-injection vulnerability.

A remote attacker can exploit this issue to execute arbitrary commands with system-level privileges on the underlying operating system.

This issue is being tracked by Cisco bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535.

The following applications are affected:

CiscoWorks LAN Management Solution
Security Manager
Unified Operations Manager
Unified Service Monitor
CiscoWorks QoS Policy Manager
CiscoWorks Voice Manager


Privacy Statement
Copyright 2010, SecurityFocus