var-201304-0255
Vulnerability from variot
The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802. Vendors have confirmed this vulnerability Bug ID CSCty17417 and CSCty10802 It is released as.Skillfully crafted by a third party element-manager.jnlp Through the file Windows An arbitrary code may be executed on the client machine. Successful exploits may allow an attacker to execute arbitrary commands with the privileges of the user running the affected application. These issues are being tracked by Cisco Bug IDs CSCty17417 and CSCty10802
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0255",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.4"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0.9"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.1.2"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0.8"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.1.1"
},
{
"model": "nexus 5020p switch",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.7"
},
{
"model": "nexus 5010p switch",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5010",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.4"
},
{
"model": "adaptive security appliance device manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.2.5"
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.6"
},
{
"model": "nexus 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "mds 9000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "nexus 5020",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5548p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5596up",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "nexus 5548up",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.2"
},
{
"model": "device manager",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "5.2.8 (cisco mds 9000 device )"
},
{
"model": "device manager",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "5.x (cisco nexus 5000 device )"
},
{
"model": "mds 9000 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5010 switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5010p switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5020 switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5020p switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5548p switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5548up switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 5596up switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance device manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2.5"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:adaptive_security_appliance_device_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:mds_9000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5010_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5010p_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5020_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5020p_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5548p_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5548up_switch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_5596up_switch",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "59449"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
}
],
"trust": 0.9
},
"cve": "CVE-2013-1192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-1192",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-61194",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-1192",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-1192",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-531",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61194",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61194"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802. Vendors have confirmed this vulnerability Bug ID CSCty17417 and CSCty10802 It is released as.Skillfully crafted by a third party element-manager.jnlp Through the file Windows An arbitrary code may be executed on the client machine. \nSuccessful exploits may allow an attacker to execute arbitrary commands with the privileges of the user running the affected application. \nThese issues are being tracked by Cisco Bug IDs CSCty17417 and CSCty10802",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1192"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "BID",
"id": "59449"
},
{
"db": "VULHUB",
"id": "VHN-61194"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1192",
"trust": 2.8
},
{
"db": "BID",
"id": "59449",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "53190",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20130424 CISCO DEVICE MANAGER COMMAND EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-61194",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61194"
},
{
"db": "BID",
"id": "59449"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"id": "VAR-201304-0255",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61194"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:02:52.355000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20130424-fmdm",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm"
},
{
"title": "Cisco Device Manager Remote Command Execution (CSCty17417)",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=2148\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S711"
},
{
"title": "29019",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=29019"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61194"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130424-fmdm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1192"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1192"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53190"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59449"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61194"
},
{
"db": "BID",
"id": "59449"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61194"
},
{
"db": "BID",
"id": "59449"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-25T00:00:00",
"db": "VULHUB",
"id": "VHN-61194"
},
{
"date": "2013-04-24T00:00:00",
"db": "BID",
"id": "59449"
},
{
"date": "2013-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"date": "2013-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"date": "2013-04-25T10:55:01.787000",
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-61194"
},
{
"date": "2013-04-24T00:00:00",
"db": "BID",
"id": "59449"
},
{
"date": "2013-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002477"
},
{
"date": "2013-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-531"
},
{
"date": "2024-11-21T01:49:05.190000",
"db": "NVD",
"id": "CVE-2013-1192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco MDS 9000 and Nexus 5000 For devices Cisco Device Manager Vulnerable to arbitrary command execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-531"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.