Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:44
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/56348 - | |
References | () http://www.securitytracker.com/id?1027712 - |
Information
Published : 2012-11-02 04:46
Updated : 2024-11-21 01:44
NVD link : CVE-2012-5417
Mitre link : CVE-2012-5417
CVE.ORG link : CVE-2012-5417
JSON object : View
Products Affected
cisco
- prime_data_center_network_manager
CWE
CWE-264
Permissions, Privileges, and Access Controls