Lucene search

[email protected]NVD:CVE-2013-1196

HistoryApr 29, 2013 - 9:55 p.m.

CVE-2013-1196

2013-04-2921:55:37

CWE-20

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.

Affected configurations

NVD

Node

ciscoapplication_networking_managerMatch-

ciscocontext_directory_agentMatch-

ciscoidentity_services_engine_softwareMatch-

cisconetwork_services_managerMatch-

ciscoprime_collaborationMatch-

ciscoprime_data_center_network_managerMatch-

ciscoprime_lan_management_solutionMatch-

ciscoprime_network_control_systemMatch-

ciscoquadMatch-

ciscosecure_access_control_systemMatch-

ciscounified_provisioning_managerMatch-

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1196

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2013-1196

cvelist2 cve2 prion2 cisco1 nvd1