HTTP: Cisco MARS JMX

This signature detects attempts to exploit a known vulnerability against Cisco MARS Jmx engine. A successful attack can lead to arbitrary code execution.

Extended Description

Cisco Security Monitoring, Analysis and Response System (CS-MARS) is prone to multiple vulnerabilities, including privilege-escalation, arbitrary command-execution, and information-disclosure issues. An attacker could exploit these issues to retrieve potentially sensitive information and possibly execute arbitrary commands with superuser privileges. This may facilitate a remote compromise of affected computers. Cisco has released version 4.2.1 to address these issues; prior versions are reported vulnerable. This BID has been separated into the following individual records and is therefore being retired: BID 19073 (Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerabilities) BID 19075 (Cisco Security Monitoring Analysis and Response System Arbitrary Command Execution Vulnerability) BID 19077 (Cisco Security Monitoring Analysis and Response System Multiple Privilege Escalation Vulnerabilities)

Affected Products

Cisco cs-mars

Short Name
HTTP:CISCO:MARS-JMX
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2006-3733 Cisco JMX MARS bid:19071
Release Date
01/22/2007
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Cisco

CVSS Score

7.5

Found a potential security threat?