The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Prime DCNM

computer vulnerability CVE-2013-5486 CVE-2013-5487 CVE-2013-5490

Cisco Prime Data Center Network Manager: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can exploit several vulnerabilities in Cisco Prime Data Center Network Manager.
Impacted products: Cisco Prime DCNM.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 18/09/2013.
Identifiers: BID-62483, BID-62484, BID-62485, CERTA-2013-AVI-534, CERTA-2013-AVI-637, cisco-sa-20130918-dcnm, CSCud80148, CSCue77029, CSCue77035, CSCue77036, CVE-2013-5486, CVE-2013-5487, CVE-2013-5490, VIGILANCE-VUL-13445.

Description of the vulnerability

Several vulnerabilities were announced in Cisco Prime DCNM (Data Center Network Manager).

An attacker can read system files, in order to obtain sensitive information. [severity:3/4; BID-62483, CSCue77029, CVE-2013-5487]

An attacker can execute commands on the system. [severity:3/4; BID-62484, CSCue77035, CSCue77036, CVE-2013-5486]

An attacker can use an XML entity, in order to obtain sensitive information. [severity:2/4; BID-62485, CSCud80148, CVE-2013-5490]

computer vulnerability CVE-2012-5417

Cisco Prime Data Center Network Manager: code execution

Synthesis of the vulnerability

An attacker can connect to the RMI service of Cisco Prime Data Center Network Manager, in order to execute code with System/root privileges.
Impacted products: Cisco Prime DCNM.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 31/10/2012.
Revision date: 13/05/2013.
Identifiers: BID-56348, CERTA-2012-AVI-614, cisco-sa-20121031-dcnm, CSCtz44924, CSCua31204, CVE-2012-5417, VIGILANCE-VUL-12105.

Description of the vulnerability

The Cisco Data Center Network Manager product uses a JBoss application server.

The RMI (Remote Method Invocation) service of JBoss listens on port 1099 or 9099. However, the "jboss.system:service=MainDeployer" feature is reachable by all RMI clients. An attacker can thus use this feature to deploy a service with administrator privileges.

An attacker can therefore connect to the RMI service of Cisco Prime Data Center Network Manager, in order to execute code with System/root privileges.

The Cisco DCNM-SAN Server and Cisco DCNM-LAN Server products are vulnerable.
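
The following exposure check is an added example, not part of the Vigil@nce bulletin or of Cisco's advisory: it parses the output of `ss -ltn` on a Linux DCNM host and reports listeners on the two RMI ports named above that are bound to a non-loopback address. The function names and the sample socket listing are constructed for illustration, and a host firewall in front of the listener is not taken into account.

```python
import ipaddress

# Ports the bulletin names for the JBoss RMI service.
RMI_PORTS = {1099, 9099}

# Constructed sample of `ss -ltnH` output (not captured from a real DCNM host).
SAMPLE_SS = """\
LISTEN 0 50   0.0.0.0:1099            0.0.0.0:*
LISTEN 0 50   127.0.0.1:9099          0.0.0.0:*
LISTEN 0 128  [::]:22                 [::]:*
LISTEN 0 50   [::ffff:10.1.2.3]:9099  *:*
LISTEN 0 100  *:8080                  *:*
"""


def split_endpoint(endpoint):
    """Split ss's 'addr:port' field; handles [v6]:port, '*' and %iface suffixes."""
    addr, _, port = endpoint.rpartition(":")
    addr = addr.strip("[]").split("%")[0]
    return addr, int(port)


def is_loopback(addr):
    """True only for addresses that remote RMI clients cannot reach."""
    if addr == "*":  # wildcard bind: every interface
        return False
    ip = ipaddress.ip_address(addr)
    mapped = getattr(ip, "ipv4_mapped", None)  # e.g. ::ffff:127.0.0.1
    if mapped is not None:
        ip = mapped
    return ip.is_loopback


def exposed_rmi_listeners(ss_output):
    """Return (address, port) pairs for RMI ports bound beyond loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        # Columns: State Recv-Q Send-Q Local:Port Peer:Port (header is skipped)
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, port = split_endpoint(fields[3])
        if port in RMI_PORTS and not is_loopback(addr):
            findings.append((addr, port))
    return findings


if __name__ == "__main__":
    for addr, port in exposed_rmi_listeners(SAMPLE_SS):
        print(f"RMI port {port} is listening on {addr}")
```
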