• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: CiscoWorks Common Services Unspecified Remote Code Execution Vulnerability

Severity: HIGH

Description:

CiscoWorks Common Services is a set of management services used by other CiscoWorks applications.

Common Services is prone to an unspecified remote code-execution vulnerability.

This issue allows remote attackers to execute arbitrary machine code on affected devices. Failed exploit attempts will likely result in denial-of-service conditions. The vulnerability is documented in Cisco Bug ID CSCsm77245.

No further technical details are currently available. We will update this BID as more information emerges.

Affected Products:

• Cisco Cisco Security Manager (CSM) 3.0
• Cisco Cisco Security Manager (CSM) 3.0.1
• Cisco Cisco Security Manager (CSM) 3.0.2
• Cisco Cisco Security Manager (CSM) 3.1
• Cisco Cisco Security Manager (CSM) 3.1.1
• Cisco Cisco Security Manager (CSM) 3.2
• Cisco Cisco Unified Operations Manager (CUOM) 1.1
• Cisco Cisco Unified Operations Manager (CUOM) 2.0
• Cisco Cisco Unified Operations Manager (CUOM) 2.0.1
• Cisco Cisco Unified Operations Manager (CUOM) 2.0.2
• Cisco Cisco Unified Operations Manager (CUOM) 2.0.3
• Cisco Cisco Unified Service Manager (CUSM) 1.1
• Cisco Cisco Unified Service Manager (CUSM) 2.0
• Cisco Cisco Unified Service Manager (CUSM) 2.0.1
• Cisco CiscoWorks Common Services 3.0.3
• Cisco CiscoWorks Common Services 3.0.4
• Cisco CiscoWorks Common Services 3.0.5
• Cisco CiscoWorks Common Services 3.0.6
• Cisco CiscoWorks Common Services 3.1
• Cisco CiscoWorks Common Services 3.1.1
• Cisco Lan Management Solution 0.0.0
• Cisco Lan Management Solution 2.5
• Cisco Lan Management Solution 2.5.1
• Cisco Lan Management Solution 2.6
• Cisco Lan Management Solution 3.0
• Cisco QoS Policy Manager 0.0.0
• Cisco QoS Policy Manager 4.0
• Cisco QoS Policy Manager 4.0.1
• Cisco QoS Policy Manager 4.0.2
• Cisco TelePresence Readiness Assessment Manager (CTRAM) 1.0

References:

• Cisco: Cisco Homepage
• Cisco: CiscoWorks Server CD-One Patches

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.