CVE-2013-1192

2013-04-2510:55:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-1192

cisco

device manager

mds 9000

nexus 5000

remote attack

windows

command execution

jar file

bug ids

cscty17417

cscty10802

nvd

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.4%

JSON

The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.

CPENameOperatorVersion
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managerle5.2.5
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.1
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.2
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.4
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.5
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.6
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.7
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.8
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.0.9
cisco:adaptive_security_appliance_device_managercisco adaptive security appliance device managereq5.1.1

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	le	5.2.5
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.1
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.2
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.4
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.5
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.6
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.7
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.8
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.0.9
cisco:adaptive_security_appliance_device_manager	cisco adaptive security appliance device manager	eq	5.1.1