Lucene search

K

[email protected]NVD:CVE-2012-6392

HistoryJan 17, 2013 - 3:55 p.m.

CVE-2012-6392

2013-01-1715:55:01

CWE-20

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779.

Affected configurations

NVD

Node

ciscoprime_lan_management_solutionMatch4.1

OR

ciscoprime_lan_management_solutionMatch4.2

OR

ciscoprime_lan_management_solutionMatch4.2.1

OR

ciscoprime_lan_management_solutionMatch4.2.2

AND

linuxlinux_kernel

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.9%

Related for NVD:CVE-2012-6392

cvelist1 cisco1 cve1 securityvulns1 openvas1 nessus1 checkpoint_advisories1 prion1 saint4