{"api_version":"1","generated_at":"2026-06-05T16:49:21+00:00","cve":"CVE-2011-2547","urls":{"html":"https://cve.report/CVE-2011-2547","api":"https://cve.report/api/cve/CVE-2011-2547.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-2547","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-2547"},"summary":{"title":"CVE-2011-2547","description":"The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.","state":"PUBLISHED","assigner":"cisco","published_at":"2011-07-28 22:55:02","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9","severity":"","vector":"AV:N/AC:L/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/bid/48810","name":"http://www.securityfocus.com/bid/48810","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco SA 500 Series Appliances Web Management Interface Remote Command Injection Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/45355","name":"http://secunia.com/advisories/45355","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco SA 500 Series Web Management Interface Two Vulnerabilities - Advisories - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68738","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68738","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml","name":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1025810","name":"http://securitytracker.com/id?1025810","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco SA500 Series Security Appliance Lets Remote Users Inject SQL Commands and Remote Authenticated Users Gain Root Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-2547","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-2547","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.0.14","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.0.15","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.0.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.0.39","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.1.21","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.1.42","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"1.1.65","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"2.1.18","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"sa500_software","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"sa520","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"sa520w","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"2547","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"sa540","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T23:08:22.904Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"45355","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/45355"},{"name":"cisco-sa500-interface-command-exec(68738)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"},{"name":"20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"},{"name":"1025810","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1025810"},{"name":"48810","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/48810"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2011-07-20T00:00:00.000Z","descriptions":[{"lang":"en","value":"The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-28T12:57:01.000Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"45355","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/45355"},{"name":"cisco-sa500-interface-command-exec(68738)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"},{"name":"20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"},{"name":"1025810","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1025810"},{"name":"48810","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/48810"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2011-2547","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"45355","refsource":"SECUNIA","url":"http://secunia.com/advisories/45355"},{"name":"cisco-sa500-interface-command-exec(68738)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/68738"},{"name":"20110720 Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities","refsource":"CISCO","url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml"},{"name":"1025810","refsource":"SECTRACK","url":"http://securitytracker.com/id?1025810"},{"name":"48810","refsource":"BID","url":"http://www.securityfocus.com/bid/48810"}]}}}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2011-2547","datePublished":"2011-07-28T22:00:00.000Z","dateReserved":"2011-06-27T00:00:00.000Z","dateUpdated":"2024-08-06T23:08:22.904Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2011-07-28 22:55:02","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:*","versionEndIncluding":"2.1.18","matchCriteriaId":"F34CEB78-9F68-4BF7-BB70-7AF03524CA9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.0.14:*:*:*:*:*:*:*","matchCriteriaId":"988B2905-DE56-417F-BDFC-26C3120F4FE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.0.15:*:*:*:*:*:*:*","matchCriteriaId":"0B1DCFEE-D2CA-46EC-B92B-7BC6D84A863F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.0.17:*:*:*:*:*:*:*","matchCriteriaId":"C6969B8E-BA94-4E5C-8864-886EC7DB5568"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.0.39:*:*:*:*:*:*:*","matchCriteriaId":"3F3EFD6F-BCA3-4578-ACB7-CDA48C66F8A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.1.21:*:*:*:*:*:*:*","matchCriteriaId":"C8D0F427-03DB-4B77-AD44-2CF30A3A8468"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.1.42:*:*:*:*:*:*:*","matchCriteriaId":"9D1CC976-BE22-4C5B-A877-ED78544C2730"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sa500_software:1.1.65:*:*:*:*:*:*:*","matchCriteriaId":"CE089465-47D4-48EC-878A-B045E78A6D7A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:sa520:*:*:*:*:*:*:*:*","matchCriteriaId":"41EA22A9-7330-473D-A8F6-625EACF21B35"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:sa520w:*:*:*:*:*:*:*:*","matchCriteriaId":"5C7A7463-BCAC-4DD8-920A-2D3134D3B579"},{"vulnerable":true,"criteria":"cpe:2.3:h:cisco:sa540:*:*:*:*:*:*:*:*","matchCriteriaId":"86F2ED99-EB36-4FB6-8404-BF0DDD2B2AEA"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"2547","Ordinal":"1","Title":"CVE-2011-2547","CVE":"CVE-2011-2547","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"2547","Ordinal":"1","NoteData":"The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.","Type":"Description","Title":"CVE-2011-2547"},{"CveYear":"2011","CveId":"2547","Ordinal":"2","NoteData":"2011-07-28","Type":"Other","Title":"Published"},{"CveYear":"2011","CveId":"2547","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}