fkie_nvd - fkie_cve-2013-1125

fkie_cve-2013-1125

Vulnerability from fkie_nvd

Published

2013-02-19 23:55

Modified

2024-11-21 01:48

Severity ?

Summary

The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.

References

▼	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125

Impacted products

Vendor	Product	Version
cisco	application_networking_manager	-
cisco	context_directory_agent	-
cisco	identity_services_engine_software	-
cisco	network_services_manager	-
cisco	prime_collaboration	-
cisco	prime_lan_management_solution	-
cisco	prime_network_control_system	-
cisco	quad	-
cisco	secure_access_control_system	-
cisco	unified_provisioning_manager	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:application_networking_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BC24E6-3295-4D09-AC77-F9B4DA0811BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:context_directory_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9167B80B-DBD4-4B26-9BBB-98C9F246ED91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E2241B7-C8D4-4CA2-A333-EDD1877AD94D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:network_services_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AE172B5-15D4-400D-BF3F-A2177C02331A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_collaboration:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D132E7DF-3B63-4A2A-AE65-C5F90CCF3878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_lan_management_solution:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E09BFF1-6273-4BC4-9DFA-563F490E2754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_network_control_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7377B5F-AA6C-4042-BEB9-E7450059C99B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:quad:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C75C3800-0ADB-4B41-B4B0-1B9C923ADEEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "716A2EC7-4A03-4BB9-B787-6DD285E25056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C175AC04-44FB-4FC5-B8A6-046A50C9B75C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042."
    },
    {
      "lang": "es",
      "value": "La interfaz en l\u00ednea de comandos en Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, y Network Services Manager no validan correctamente las entradas, lo que permite a usuarios locales obtener privilegios de root mediante vectores no especificados, tambi\u00e9n conocido como Bugs IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042."
    }
  ],
  "id": "CVE-2013-1125",
  "lastModified": "2024-11-21T01:48:57.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-19T23:55:02.097",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1125"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2013-1125

Vulnerability from cvelistv5

Published

2013-02-19 23:00

Modified

2024-09-17 02:27