6.8
CVE-2013-1125
- EPSS 0.08%
- Published 19.02.2013 23:55:02
- Last modified 11.04.2025 00:51:21
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Application Networking Manager Version-
Cisco ≫ Context Directory Agent Version-
Cisco ≫ Identity Services Engine Software Version-
Cisco ≫ Network Services Manager Version-
Cisco ≫ Prime Collaboration Version-
Cisco ≫ Prime Lan Management Solution Version-
Cisco ≫ Prime Network Control System Version-
Cisco ≫ Secure Access Control System Version-
Cisco ≫ Unified Provisioning Manager Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.215 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 3.1 | 10 |
AV:L/AC:L/Au:S/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.