Published: 17/01/2013 Updated: 29/01/2013

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Prime Lan Management Solution

Cisco Prime LAN Management Solution (LMS) 4.1 up to and including 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote malicious users to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco prime_lan_management_solution 4.2
cisco prime_lan_management_solution 4.1
cisco prime_lan_management_solution 4.2.2
cisco prime_lan_management_solution 4.2.1

Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports An attacker could exploi ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-6392

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect