Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5417

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-5417
Last Modified 25 Feb 2013 11:51:48
Published 02 Nov 2012 12:46:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5417

Summary

Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924.

Vulnerable Systems

Application

  • Cisco Prime Data Center Network Manager 4.1%282%29

  • Cisco Prime Data Center Network Manager 4.1%283%29

  • Cisco Prime Data Center Network Manager 4.1%284%29

  • Cisco Prime Data Center Network Manager 4.1%285%29

  • Cisco Prime Data Center Network Manager 4.2%281%29

  • Cisco Prime Data Center Network Manager 4.2%283%29

  • Cisco Prime Data Center Network Manager 5.0%282%29

  • Cisco Prime Data Center Network Manager 5.0%283%29

  • Cisco Prime Data Center Network Manager 5.1%281%29

  • Cisco Prime Data Center Network Manager 5.1%282%29

  • Cisco Prime Data Center Network Manager 5.1%283u%29

  • Cisco Prime Data Center Network Manager 5.2%282%29

  • Cisco Prime Data Center Network Manager 5.2%282a%29

  • Cisco Prime Data Center Network Manager 5.2%282b%29

  • Cisco Prime Data Center Network Manager 5.2%282c%29

  • Cisco Prime Data Center Network Manager 5.2%282e%29

  • Cisco Prime Data Center Network Manager 6.1%281a%29

  • Cisco Prime Data Center Network Manager 6.1%281b%29


References

CISCO - 20121031 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability

SECTRACK - 1027712

BID - 56348


Last Updated: 27 May 2016 10:49:48