Root Privilege Escalation in Cisco Identity Services Engine and Related Products
CVE-2013-1125

Currently unrated

Key Information:

Vendor: Cisco
Status: Prime Network Control System; Secure Access Control System; Prime Collaboration; Network Services Manager
Vendor: CVE Published:; 19 February 2013

Summary

The command-line interface in several Cisco products including the Identity Services Engine and Secure Access Control System fails to properly validate user input. This oversight allows local users to exploit the flaw and potentially gain root privileges through unspecified methods. This vulnerability relates to multiple Bug IDs including CSCue46001 and CSCud95790, emphasizing the range of products that may be affected. Users are advised to review their systems and implement necessary security measures to mitigate the risks associated with this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 19, 2013