CVE-2012-0691
published 2012-10-02CVE-2012-0691: CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors.
PriorityP429high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.34%
25.6th percentile
CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | license_software | <= 1.90.02 | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
| broadcom | license_software | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xcr2-x29v-69wg: CA License (aka CA Licensing) before 1
ghsa_unreviewed·2022-05-13
CVE-2012-0691 [HIGH] GHSA-xcr2-x29v-69wg: CA License (aka CA Licensing) before 1
CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors.
Cisco
Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
vendor_cisco·2015-04-15·CVSS 9.3
CVE-2015-0691 [CRITICAL] CWE-78 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
A vulnerability in a Cisco-signed Java Archive (JAR)
executable Cache Cleaner component of Cisco Secure Desktop could allow an
unauthenticated, remote attacker to execute arbitrary commands on the
client host where the affected .jar file is executed. Command execution would
occur with the privileges of the user.
The Cache Cleaner feature has been deprecated since November 2012.
There is no fixed software for this vulnerability. Cisco Secure Desktop packages that include the affected .jar files have been removed and are no longer available for download.
Because Cisco does not control all existing Cisco Secure Desktop packages, customers are advised to ensure that their Java blacklist controls have been updated to avoid p
Cisco
Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
vendor_cisco
CVE-2015-0691 Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
CVE-2015-0691: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
A vulnerability in a Cisco-signed Java Archive (JAR) executable Cache Cleaner component of Cisco Secure Desktop could allow an unauthenticated, remote attacker to execute arbitrary commands on the client host where the affected . jar file is executed. Command execution would occur with the privileges of the user. The Cache Cleaner feature has been deprecated since November 2012. There is no fixed software for this vulnerability. Cisco Secure Desktop packages that include the affected .jar files have been removed and are no longer available for download. Because Cisco does not control all existing Cisco Secure Desktop packages, customers are advised to ensure that their Java blacklist controls have been update
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2012-10/0011.htmlhttp://www.securitytracker.com/id?1027588https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B79CE87E4-7A35-48A3-99BA-5A0DBEDECA94%7Dhttp://archives.neohapsis.com/archives/bugtraq/2012-10/0011.htmlhttp://www.securitytracker.com/id?1027588https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B79CE87E4-7A35-48A3-99BA-5A0DBEDECA94%7D
2012-10-02
Published