CVE-2011-1647: Infoleak
First published: Tue May 31 2011(Updated: )
The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified vectors, aka Bug ID CSCtn23871.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco RVS4000 Firmware | =1 | |
| Cisco RVS4000 Firmware | =2 | |
| Cisco RVS4000 | =1.3.0.5 | |
| Cisco RVS4000 | =1.3.1.0 | |
| Cisco RVS4000 | =1.3.2.0 | |
| Cisco RVS4000 | =2.0.0.3 | |
| Cisco WRVS4400N Wireless-N Gigabit Security Router | =1.0 | |
| Cisco WRVS4400N Wireless-N Gigabit Security Router | =1.1 | |
| Cisco WRVS4400N Wireless-N Gigabit Security Router | =2 | |
| Cisco WRVS4400N | =1.3.0.5 | |
| Cisco WRVS4400N | =1.3.1.0 | |
| Cisco WRVS4400N | =1.3.2.0 | |
| Cisco WRVS4400N | =2.0.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-1647?
CVE-2011-1647 has been classified as a high severity vulnerability due to the potential for unauthorized access to the admin SSL certificate.
How do I fix CVE-2011-1647?
To fix CVE-2011-1647, you should upgrade the firmware of your Cisco RVS4000 or WRVS4400N routers to the latest version available that addresses this vulnerability.
What products are affected by CVE-2011-1647?
CVE-2011-1647 affects the Cisco RVS4000 and WRVS4400N routers running specific versions of their firmware.
What type of vulnerability is CVE-2011-1647?
CVE-2011-1647 is a remote code execution vulnerability that allows attackers to read sensitive information such as the SSL certificate's private key.
How can I determine if my Cisco device is vulnerable to CVE-2011-1647?
You can determine if your Cisco device is vulnerable to CVE-2011-1647 by checking the firmware version against the versions listed in the vulnerability description.
- collector/nvd-historical
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco rvs4000 firmware
- version/cisco rvs4000 firmware/1
- version/cisco rvs4000 firmware/2
- canonical/cisco rvs4000
- version/cisco rvs4000/1.3.0.5
- version/cisco rvs4000/1.3.1.0
- version/cisco rvs4000/1.3.2.0
- version/cisco rvs4000/2.0.0.3
- canonical/cisco wrvs4400n wireless-n gigabit security router
- version/cisco wrvs4400n wireless-n gigabit security router/1.0
- version/cisco wrvs4400n wireless-n gigabit security router/1.1
- version/cisco wrvs4400n wireless-n gigabit security router/2
- canonical/cisco wrvs4400n
- version/cisco wrvs4400n/1.3.0.5
- version/cisco wrvs4400n/1.3.1.0
- version/cisco wrvs4400n/1.3.2.0
- version/cisco wrvs4400n/2.0.0.3