Remote Command Execution Vulnerability in Cisco Prime Data Center Network Manager
CVE-2012-5417

Currently unrated

Key Information:

Vendor
Cisco
Status
Prime Data Center Network Manager
Vendor
CVE Published:
2 November 2012

Summary

Cisco Prime Data Center Network Manager (DCNM) versions prior to 6.1(1) exhibit a vulnerability that fails to adequately restrict access to specific JBoss MainDeployer functions. This security flaw allows remote attackers to exploit JBoss Application Server Remote Method Invocation (RMI) services, facilitating the execution of arbitrary commands on targeted systems. This can lead to significant security breaches if left unaddressed.

References

http://www.securityfocus.com/bid/56348
vdb-entryx_refsource_BID
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id?1027712
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.