CVE-2011-4237

CVE Database · CVE-2011-4237

CVE-2011-4237

· N/AModified

CVSS v3.1

N/A

EPSS

1.17%

Published

May 3, 2012

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693.

Weaknesses (CWE)

CWE-94

Affected Products (2)

cisco · ciscoworks_common_servicesvulnerable

cisco · prime_lan_management_solution

References (6)

http://secunia.com/advisories/49094

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html

http://www.nessus.org/plugins/index.php?view=single&id=58950

http://secunia.com/advisories/49094

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html

http://www.nessus.org/plugins/index.php?view=single&id=58950

KEV Catalog EPSS Scores Vendors All CVEs