9.3

CVE-2011-0688

EPSS 2.68%
Published 31.01.2011 21:00:25
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111.  NOTE: some of these details are obtained from third party information.

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Antivirus Version10.0 Editioncorporate

Symantec ≫ Antivirus Version10.0 Updatemr1 Editioncorporate

Symantec ≫ Antivirus Version10.0 Updatemr2 Editioncorporate

Symantec ≫ Antivirus Version10.0.1 Editioncorporate

Symantec ≫ Antivirus Version10.0.1.1 Editioncorporate

Symantec ≫ Antivirus Version10.0.1.2 Editioncorporate

Symantec ≫ Antivirus Version10.0.2 Editioncorporate

Symantec ≫ Antivirus Version10.0.2.1 Editioncorporate

Symantec ≫ Antivirus Version10.0.2.2 Editioncorporate

Symantec ≫ Antivirus Version10.0.3 Editioncorporate

Symantec ≫ Antivirus Version10.0.4 Editioncorporate

Symantec ≫ Antivirus Version10.0.5 Editioncorporate

Symantec ≫ Antivirus Version10.0.6 Editioncorporate

Symantec ≫ Antivirus Version10.0.7 Editioncorporate

Symantec ≫ Antivirus Version10.0.8 Editioncorporate

Symantec ≫ Antivirus Version10.0.9 Editioncorporate

Symantec ≫ Antivirus Version10.1 Editioncorporate

Symantec ≫ Antivirus Version10.1 Updatemp1 Editioncorporate

Symantec ≫ Antivirus Version10.1 Updatemr4 Editioncorporate

Symantec ≫ Antivirus Version10.1 Updatemr5 Editioncorporate

Symantec ≫ Antivirus Version10.1 Updatemr6 Editioncorporate

Symantec ≫ Antivirus Version10.1 Updatemr7 Editioncorporate

Symantec ≫ Antivirus Version10.1.0.1 Editioncorporate

Symantec ≫ Antivirus Version10.1.4 Editioncorporate

Symantec ≫ Antivirus Version10.1.4.1 Editioncorporate

Symantec ≫ Antivirus Version10.1.5 Editioncorporate

Symantec ≫ Antivirus Version10.1.5.1 Editioncorporate

Symantec ≫ Antivirus Version10.1.6 Editioncorporate

Symantec ≫ Antivirus Version10.1.6.1 Editioncorporate

Symantec ≫ Antivirus Version10.1.7 Editioncorporate

Symantec ≫ Antivirus Version10.1.8 Editioncorporate

Symantec ≫ Antivirus Version10.1.9 Editioncorporate

Symantec ≫ Antivirus Version10.2 Editioncorporate

Symantec ≫ Antivirus Version10.2 Updatemr2 Editioncorporate

Symantec ≫ Antivirus Version10.2 Updatemr3 Editioncorporate

Symantec ≫ System Center Version10.0

Symantec ≫ System Center Version10.1

Symantec ≫ Antivirus Central Quarantine Server Version3.5

Symantec ≫ Antivirus Central Quarantine Server Version3.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.68%	0.845

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secunia.com/advisories/43099

Vendor Advisory

http://www.securityfocus.com/bid/45936

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00

http://www.vupen.com/english/advisories/2011/0234

Vendor Advisory

http://securitytracker.com/id?1024996

https://exchange.xforce.ibmcloud.com/vulnerabilities/65071

https://nvd.nist.gov/vuln/detail/CVE-2011-0688

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0688

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0688

EUVD