6.8
CVE-2013-1196
- EPSS 0.08%
- Veröffentlicht 29.04.2013 21:55:37
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Application Networking Manager Version-
Cisco ≫ Context Directory Agent Version-
Cisco ≫ Identity Services Engine Software Version-
Cisco ≫ Network Services Manager Version-
Cisco ≫ Prime Collaboration Version-
Cisco ≫ Prime Data Center Network Manager Version-
Cisco ≫ Prime Lan Management Solution Version-
Cisco ≫ Prime Network Control System Version-
Cisco ≫ Secure Access Control System Version-
Cisco ≫ Unified Provisioning Manager Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.208 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 3.1 | 10 |
AV:L/AC:L/Au:S/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.