CVE-2012-5417
published 2012-11-02CVE-2012-5417: Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote…
PriorityP357critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.13%
86.2th percentile
Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
| cisco | prime_data_center_network_manager | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qpjm-j8ww-v798: Cisco Prime Data Center Network Manager (DCNM) before 6
ghsa_unreviewed·2022-05-17
CVE-2012-5417 [HIGH] GHSA-qpjm-j8ww-v798: Cisco Prime Data Center Network Manager (DCNM) before 6
Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924.
Cisco
Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
vendor_cisco·2012-10-31·CVSS 10.0
CVE-2012-5417 [CRITICAL] CWE-200 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application.Cisco has released software updates that address this vulnerability.This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnmNote: After this advisory was initially published, it was found that in addition to the DCNM SAN server component that is part of the DCNM solution, the DCNM LAN server is also affected by the same vulnerability. This advisory has been updated to revision 2
Cisco
Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
vendor_cisco
CVE-2012-5417 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
CVE-2012-5417: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability
Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm Note: After this advisory was initially published, it was found that in addition to the DCNM SAN server component that is part of the DCNM solution, the DCNM LAN server is also affected by the same vulnerability. This advisory has been upda
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnmhttp://www.securityfocus.com/bid/56348http://www.securitytracker.com/id?1027712http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnmhttp://www.securityfocus.com/bid/56348http://www.securitytracker.com/id?1027712
2012-11-02
Published