Lucene search

[email protected]CVE-2013-1196

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1196

2022-10-0316:14:48

CWE-20

[email protected]

web.nvd.nist.gov

cisco

secure access control system

acs

identity services engine

context directory agent

application networking manager

anm

prime network control system

prime lan management solution

lms

prime collaboration

unified provisioning manager

network services manager

prime data center network manager

dcnm

quad

vulnerabilities

cve-2013-1196

bug ids

root privileges.

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.

Affected configurations

NVD

Node

ciscoapplication_networking_managerMatch-

ciscocontext_directory_agentMatch-

ciscoidentity_services_engine_softwareMatch-

cisconetwork_services_managerMatch-

ciscoprime_collaborationMatch-

ciscoprime_data_center_network_managerMatch-

ciscoprime_lan_management_solutionMatch-

ciscoprime_network_control_systemMatch-

ciscoquadMatch-

ciscosecure_access_control_systemMatch-

ciscounified_provisioning_managerMatch-

CPENameOperatorVersion
cisco:application_networking_managercisco application networking managereq-
cisco:context_directory_agentcisco context directory agenteq-
cisco:identity_services_engine_softwarecisco identity services engine softwareeq-
cisco:network_services_managercisco network services managereq-
cisco:prime_collaborationcisco prime collaborationeq-
cisco:prime_data_center_network_managercisco prime data center network managereq-
cisco:prime_lan_management_solutioncisco prime lan management solutioneq-
cisco:prime_network_control_systemcisco prime network control systemeq-
cisco:quadcisco quadeq-
cisco:secure_access_control_systemcisco secure access control systemeq-

CPE	Name	Operator	Version
cisco:application_networking_manager	cisco application networking manager	eq	-
cisco:context_directory_agent	cisco context directory agent	eq	-
cisco:identity_services_engine_software	cisco identity services engine software	eq	-
cisco:network_services_manager	cisco network services manager	eq	-
cisco:prime_collaboration	cisco prime collaboration	eq	-
cisco:prime_data_center_network_manager	cisco prime data center network manager	eq	-
cisco:prime_lan_management_solution	cisco prime lan management solution	eq	-
cisco:prime_network_control_system	cisco prime network control system	eq	-
cisco:quad	cisco quad	eq	-
cisco:secure_access_control_system	cisco secure access control system	eq	-

Rows per page:

1-10 of 111

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1196

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2013-1196

cvelist2 nvd2 prion2 cisco1 cve1