VYPR
Unrated severity · NVD Advisory · Published Jul 28, 2011 · Updated Apr 29, 2026

CVE-2011-2546

Description

SQL injection in Cisco SA 500 series web management interface allows remote unauthenticated attackers to execute arbitrary SQL commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A SQL injection vulnerability exists in the web-based management interface of Cisco SA 500 series security appliances running software versions prior to 2.1.19. The flaw, identified by Bug ID CSCtq65669, allows remote attackers to inject arbitrary SQL commands via unspecified vectors in the management interface. Affected models include the SA 520, SA 520W, SA 540, and SA 540W running firmware before 2.1.19 [1].

Exploitation

An attacker can exploit this vulnerability by sending specially crafted HTTP requests to the web-based management interface of an affected device. No authentication is required, and the attacker needs no prior access beyond being able to reach the management interface over the network. The exact input vectors are not disclosed in the available references, but the advisory confirms that remote exploitation is possible [1].

Impact

Successful exploitation allows the attacker to execute arbitrary SQL commands against the underlying database. This can lead to unauthorized disclosure of sensitive configuration data, modification of device settings, or potential privilege escalation within the management interface. The impact is limited to the management interface's database and does not directly affect the appliance's core routing or security functions [1].

Mitigation

Cisco released firmware version 2.1.19 to address this vulnerability. Users should upgrade to version 2.1.19 or later on all affected SA 500 series appliances. No workarounds are documented in the advisory. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

12
  • cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:*:*:*:*:*:*:*:* (range: <=2.1.18)
    • cpe:2.3:a:cisco:sa500_software:1.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.0.39:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:cisco:sa500_software:1.1.65:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:sa520:*:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:sa520w:*:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:sa540:*:*:*:*:*:*:*:*
  • Range: <2.1.19

Patches

0

No patches discovered yet.

References

5
