CVE-2011-2546

CVE Database · CVE-2011-2546

CVE-2011-2546

· N/AModified

CVSS v3.1

N/A

EPSS

1.09%

Published

Jul 28, 2011

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.

Weaknesses (CWE)

CWE-89

Affected Products (11)

cisco · sa500_softwarevulnerable

cisco · sa520vulnerable

cisco · sa520wvulnerable

References (10)

http://secunia.com/advisories/45355

Vendor Advisory

http://securitytracker.com/id?1025810

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml

Vendor Advisory

http://www.securityfocus.com/bid/48812

https://exchange.xforce.ibmcloud.com/vulnerabilities/68737

http://secunia.com/advisories/45355

Vendor Advisory

http://securitytracker.com/id?1025810

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8915e.shtml

Vendor Advisory

http://www.securityfocus.com/bid/48812

KEV Catalog EPSS Scores Vendors All CVEs