Lucene search

[email protected]CVE-2013-1125

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1125

2022-10-0316:14:47

CWE-20

[email protected]

web.nvd.nist.gov

cisco

identity services engine software

acs

anm

lms

root privileges

security vulnerability

cve-2013-1125

nvd

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.

Affected configurations

NVD

Node

ciscoapplication_networking_managerMatch-

ciscocontext_directory_agentMatch-

ciscoidentity_services_engine_softwareMatch-

cisconetwork_services_managerMatch-

ciscoprime_collaborationMatch-

ciscoprime_lan_management_solutionMatch-

ciscoprime_network_control_systemMatch-

ciscoquadMatch-

ciscosecure_access_control_systemMatch-

ciscounified_provisioning_managerMatch-

CPENameOperatorVersion
cisco:application_networking_managercisco application networking managereq-
cisco:context_directory_agentcisco context directory agenteq-
cisco:identity_services_engine_softwarecisco identity services engine softwareeq-
cisco:network_services_managercisco network services managereq-
cisco:prime_collaborationcisco prime collaborationeq-
cisco:prime_lan_management_solutioncisco prime lan management solutioneq-
cisco:prime_network_control_systemcisco prime network control systemeq-
cisco:quadcisco quadeq-
cisco:secure_access_control_systemcisco secure access control systemeq-
cisco:unified_provisioning_managercisco unified provisioning managereq-

CPE	Name	Operator	Version
cisco:application_networking_manager	cisco application networking manager	eq	-
cisco:context_directory_agent	cisco context directory agent	eq	-
cisco:identity_services_engine_software	cisco identity services engine software	eq	-
cisco:network_services_manager	cisco network services manager	eq	-
cisco:prime_collaboration	cisco prime collaboration	eq	-
cisco:prime_lan_management_solution	cisco prime lan management solution	eq	-
cisco:prime_network_control_system	cisco prime network control system	eq	-
cisco:quad	cisco quad	eq	-
cisco:secure_access_control_system	cisco secure access control system	eq	-
cisco:unified_provisioning_manager	cisco unified provisioning manager	eq	-