Details of VAR-201211-0363

ID

VAR-201211-0363

CVE

CVE-2012-5417

TITLE

Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability

Trust: 0.9

sources: BID: 56348 // CNNVD: CNNVD-201210-840

DESCRIPTION

Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924. An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application. This issue is tracked by Cisco Bug IDs CSCtz44924 and CSCua31204. The manager provides multi-protocol management of the network and provides troubleshooting capabilities for switch health and performance. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Cisco Prime Data Center Network Manager JBoss Application Server Security Issue SECUNIA ADVISORY ID: SA51129 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51129/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51129 RELEASE DATE: 2012-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/51129/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51129/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51129 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Cisco Prime Data Center Network Manager (DCNM), which can be exploited by malicious people to compromise a vulnerable system. Successful exploitation may allow execution of arbitrary code with privileges of SYSTEM or root user. The security issue is reported in versions prior to 6.1(1). SOLUTION: Update to version 6.1(1). PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul O'Grady, Security Compass. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-5417 // JVNDB: JVNDB-2012-005200 // BID: 56348 // VULHUB: VHN-58698 // PACKETSTORM: 117811

AFFECTED PRODUCTS

vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.2\(3\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.0\(3\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.1\(1\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.0\(2\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.1\(4\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.1\(3\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.1\(2\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.1\(5\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.2\(1\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	4.1\(2\)	Trust: 1.6
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.2\(2a\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	6.1\(1a\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.2\(2\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	6.1\(1b\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.2\(2e\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.1\(3u\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.2\(2c\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	eq	version:	5.2\(2b\)	Trust: 1.0
vendor:	cisco	model:	prime data center network manager	scope:	lt	version:	6.1(1)	Trust: 0.8

sources: JVNDB: JVNDB-2012-005200 // CNNVD: CNNVD-201210-840 // NVD: CVE-2012-5417

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-5417
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-5417
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201210-840
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-58698
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-5417
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-58698
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-58698 // JVNDB: JVNDB-2012-005200 // CNNVD: CNNVD-201210-840 // NVD: CVE-2012-5417

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-58698 // JVNDB: JVNDB-2012-005200 // NVD: CVE-2012-5417

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201210-840

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201210-840

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-005200

PATCH

title:	cisco-sa-20121031-dcnm	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm	Trust: 0.8
title:	cisco-sa-20121031-dcnm	url:	http://www.cisco.com/cisco/web/support/JP/111/1116/1116756_cisco-sa-20121031-dcnm-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2012-005200

EXTERNAL IDS

db:	NVD	id:	CVE-2012-5417	Trust: 2.8
db:	BID	id:	56348	Trust: 2.0
db:	SECTRACK	id:	1027712	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-005200	Trust: 0.8
db:	CNNVD	id:	CNNVD-201210-840	Trust: 0.7
db:	SECUNIA	id:	51129	Trust: 0.7
db:	CISCO	id:	20121031 CISCO PRIME DATA CENTER NETWORK MANAGER REMOTE COMMAND EXECUTION VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-58698	Trust: 0.1
db:	PACKETSTORM	id:	117811	Trust: 0.1

sources: VULHUB: VHN-58698 // BID: 56348 // JVNDB: JVNDB-2012-005200 // PACKETSTORM: 117811 // CNNVD: CNNVD-201210-840 // NVD: CVE-2012-5417

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121031-dcnm	Trust: 1.8
url:	http://www.securityfocus.com/bid/56348	Trust: 1.7
url:	http://www.securitytracker.com/id?1027712	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5417	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5417	Trust: 0.8
url:	http://secunia.com/advisories/51129	Trust: 0.6
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=51129	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/51129/#comments	Trust: 0.1
url:	http://secunia.com/advisories/51129/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/blog/325/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-58698 // JVNDB: JVNDB-2012-005200 // PACKETSTORM: 117811 // CNNVD: CNNVD-201210-840 // NVD: CVE-2012-5417

CREDITS

Paul O'Grady of Security Compass

Trust: 0.9

sources: BID: 56348 // CNNVD: CNNVD-201210-840

SOURCES

db:	VULHUB	id:	VHN-58698
db:	BID	id:	56348
db:	JVNDB	id:	JVNDB-2012-005200
db:	PACKETSTORM	id:	117811
db:	CNNVD	id:	CNNVD-201210-840
db:	NVD	id:	CVE-2012-5417

LAST UPDATE DATE

2024-11-23T22:13:54.382000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-58698	date:	2013-02-26T00:00:00
db:	BID	id:	56348	date:	2013-05-08T17:52:00
db:	JVNDB	id:	JVNDB-2012-005200	date:	2012-11-05T00:00:00
db:	CNNVD	id:	CNNVD-201210-840	date:	2012-11-08T00:00:00
db:	NVD	id:	CVE-2012-5417	date:	2024-11-21T01:44:40.393

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-58698	date:	2012-11-02T00:00:00
db:	BID	id:	56348	date:	2012-10-31T00:00:00
db:	JVNDB	id:	JVNDB-2012-005200	date:	2012-11-05T00:00:00
db:	PACKETSTORM	id:	117811	date:	2012-11-01T06:57:47
db:	CNNVD	id:	CNNVD-201210-840	date:	2012-10-31T00:00:00
db:	NVD	id:	CVE-2012-5417	date:	2012-11-02T04:46:09.310