Signature Detail
Short Name |
APP:CISCO:SECURITY-AGENT-CE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Cisco Security Agent Management Center Code Execution |
Release Date |
2014/05/02 |
Update Number |
2371 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Cisco Security Agent Management Center Code Execution
This signature detects attempts to exploit a known vulnerability against Cisco Security Agent. Successful exploitation would result in execution of arbitrary code on the vulnerable host under the context of the SYSTEM user.
Extended Description
Cisco Security Agent is prone to a remote code-execution service vulnerability. Successful exploits will allow attackers to modify agent policies and system configuration and perform other administrative tasks, resulting in the complete compromise of an affected device. Failed exploit attempts will result in a denial-of-service condition. This issue is tracked by Cisco Bug ID CSCtj51216.
Affected Products
- Cisco Security Agent 5.1
- Cisco Security Agent 5.1.0.117
- Cisco Security Agent 5.1.0 .79
- Cisco Security Agent 5.2
- Cisco Security Agent 5.2.0.285
- Cisco Security Agent 5.2.0.296
- Cisco Security Agent 6.0
- Cisco Security Agent 6.0(1.126)
- Cisco Security Agent 6.0.1.132
- Cisco Security Agent 6.0(2.099)
References
- BugTraq: 46420
- CVE: CVE-2011-0364