Sign-up

ID

VAR-201708-0020


CVE

CVE-2011-4650


TITLE

Cisco Data Center Network Manager Resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2011-005403

DESCRIPTION

Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.2(1). Known Fixed Releases: 6.0(0)SL1(0.14) 5.2(2.73)S0. Product identification: CSCtt15295. Vendors have confirmed this vulnerability Bug ID CSCtt15295 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug ID's CSCtt15295 and CSCtt22554. The system is available for Cisco Nexus and MDS series switches and provides storage visualization, configuration and troubleshooting functions. Attackers can exploit this vulnerability to consume a large amount of CPU resources

Trust: 2.07

sources: NVD: CVE-2011-4650 // JVNDB: JVNDB-2011-005403 // BID: 100328 // VULHUB: VHN-52595 // VULMON: CVE-2011-4650

AFFECTED PRODUCTS

vendor:ciscomodel:data center network managerscope:eqversion:5.2\(1\)

Trust: 1.6

vendor:ciscomodel:data center network managerscope:eqversion:5.2(1)

Trust: 1.1

sources: BID: 100328 // JVNDB: JVNDB-2011-005403 // CNNVD: CNNVD-201708-247 // NVD: CVE-2011-4650

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4650
value: HIGH

Trust: 1.0

NVD: CVE-2011-4650
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201708-247
value: MEDIUM

Trust: 0.6

VULHUB: VHN-52595
value: MEDIUM

Trust: 0.1

VULMON: CVE-2011-4650
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4650
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-52595
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2011-4650
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-52595 // VULMON: CVE-2011-4650 // JVNDB: JVNDB-2011-005403 // CNNVD: CNNVD-201708-247 // NVD: CVE-2011-4650

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-52595 // JVNDB: JVNDB-2011-005403 // NVD: CVE-2011-4650

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201708-247

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201708-247

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-005403

PATCH
title:Cisco Bug: CSCtt15295 - Excessive Logging During TCP Flood on Java Portsurl:https://quickview.cloudapps.cisco.com/quickview/bug/CSCtt15295
Trust: 0.8
title:Cisco Data Center Network Manager Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=72438
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2011-005403 // 
            
            
            
            CNNVD: CNNVD-201708-247

EXTERNAL IDS
db:NVDid:CVE-2011-4650
Trust: 2.9
db:JVNDBid:JVNDB-2011-005403
Trust: 0.8
db:CNNVDid:CNNVD-201708-247
Trust: 0.7
db:BIDid:100328
Trust: 0.5
db:VULHUBid:VHN-52595
Trust: 0.1
db:VULMONid:CVE-2011-4650
Trust: 0.1
sources:
            
            
            VULHUB: VHN-52595 // 
            
            
            
            VULMON: CVE-2011-4650 // 
            
            
            
            BID: 100328 // 
            
            
            
            JVNDB: JVNDB-2011-005403 // 
            
            
            
            CNNVD: CNNVD-201708-247 // 
            
            
            
            NVD: CVE-2011-4650

REFERENCES
url:https://quickview.cloudapps.cisco.com/quickview/bug/csctt15295
Trust: 1.8
url:https://icisystem.blogspot.com/2015/09/cisco-notification-alert-prime-dcnm-01.html
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4650
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2011-4650
Trust: 0.8
url:https://www.cisco.com/c/en/us/products/cloud-systems-management/prime-data-center-network-manager/index.html
Trust: 0.3
url:http://www.cisco.com/
Trust: 0.3
url:https://bst.cloudapps.cisco.com/bugsearch/bug/csctt22554/?referring_site=ss&dtid=osscdc000283
Trust: 0.3
url:https://bst.cloudapps.cisco.com/bugsearch/bug/csctt15295/?referring_site=bugquickviewredir
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/399.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.securityfocus.com/bid/100328
Trust: 0.1
sources:
            
            
            VULHUB: VHN-52595 // 
            
            
            
            VULMON: CVE-2011-4650 // 
            
            
            
            BID: 100328 // 
            
            
            
            JVNDB: JVNDB-2011-005403 // 
            
            
            
            CNNVD: CNNVD-201708-247 // 
            
            
            
            NVD: CVE-2011-4650

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 100328

SOURCES
db:VULHUBid:VHN-52595
db:VULMONid:CVE-2011-4650
db:BIDid:100328
db:JVNDBid:JVNDB-2011-005403
db:CNNVDid:CNNVD-201708-247
db:NVDid:CVE-2011-4650

LAST UPDATE DATE
2024-08-14T15:39:32.698000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-52595date:2017-08-25T00:00:00
db:VULMONid:CVE-2011-4650date:2017-08-25T00:00:00
db:BIDid:100328date:2017-08-07T00:00:00
db:JVNDBid:JVNDB-2011-005403date:2017-09-14T00:00:00
db:CNNVDid:CNNVD-201708-247date:2017-08-11T00:00:00
db:NVDid:CVE-2011-4650date:2017-08-25T18:37:46.043

SOURCES RELEASE DATE
db:VULHUBid:VHN-52595date:2017-08-07T00:00:00
db:VULMONid:CVE-2011-4650date:2017-08-07T00:00:00
db:BIDid:100328date:2017-08-07T00:00:00
db:JVNDBid:JVNDB-2011-005403date:2017-09-14T00:00:00
db:CNNVDid:CNNVD-201708-247date:2017-08-11T00:00:00
db:NVDid:CVE-2011-4650date:2017-08-07T06:29:00.183