Command Execution Vulnerability in Cisco Device Manager for MDS 9000 and Nexus 5000
CVE-2013-1192

Currently unrated

Key Information:

Vendor
Cisco
Status
Adaptive Security Appliance Device Manager
Nexus 5000
Nexus 5010
Nexus 5010p Switch
Vendor
CVE Published:
25 April 2013

Summary

This vulnerability in Cisco Device Manager allows remote attackers to execute arbitrary commands on Windows client systems through a specially crafted element-manager.jnlp file. Affected versions include those prior to 5.2.8 for Cisco MDS 9000 devices and Cisco Nexus 5000 devices, potentially impacting numerous users and systems if exploited. Proper security measures should be implemented to mitigate the risk of this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.