Command Execution Vulnerability in Cisco Prime LAN Management Solution
CVE-2012-6392

Currently unrated

Key Information:

Vendor
Cisco
Status
Prime Lan Management Solution
Vendor
CVE Published:
17 January 2013

Summary

A command execution vulnerability exists in Cisco Prime LAN Management Solution versions 4.1 through 4.2.2 on Linux. This flaw arises due to inadequate validation of authentication and authorization requests within TCP sessions. An attacker can exploit this weakness to execute arbitrary commands remotely by crafting a specially designed session. This vulnerability emphasizes the need for secure session management and robust validation processes to protect against unauthorized command executions.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.