CVE-2013-1192

EUVD-2013-1232
The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
ciscoadaptive_security_appliance_device_manager
𝑥
≤ 5.2.5
ciscoadaptive_security_appliance_device_manager
5.0.1
ciscoadaptive_security_appliance_device_manager
5.0.2
ciscoadaptive_security_appliance_device_manager
5.0.4
ciscoadaptive_security_appliance_device_manager
5.0.5
ciscoadaptive_security_appliance_device_manager
5.0.6
ciscoadaptive_security_appliance_device_manager
5.0.7
ciscoadaptive_security_appliance_device_manager
5.0.8
ciscoadaptive_security_appliance_device_manager
5.0.9
ciscoadaptive_security_appliance_device_manager
5.1.1
ciscoadaptive_security_appliance_device_manager
5.1.2
ciscoadaptive_security_appliance_device_manager
5.2.1
ciscoadaptive_security_appliance_device_manager
5.2.2
ciscoadaptive_security_appliance_device_manager
5.2.3
ciscoadaptive_security_appliance_device_manager
5.2.4
cisconexus_5000
-
cisconexus_5010
-
cisconexus_5010p_switch
-
cisconexus_5020
-
cisconexus_5020p_switch
-
cisconexus_5548p
-
cisconexus_5548up
-
cisconexus_5596up
-
ciscoadaptive_security_appliance_device_manager
𝑥
≤ 5.2.5
ciscoadaptive_security_appliance_device_manager
5.0.1
ciscoadaptive_security_appliance_device_manager
5.0.2
ciscoadaptive_security_appliance_device_manager
5.0.4
ciscoadaptive_security_appliance_device_manager
5.0.5
ciscoadaptive_security_appliance_device_manager
5.0.6
ciscoadaptive_security_appliance_device_manager
5.0.7
ciscoadaptive_security_appliance_device_manager
5.0.8
ciscoadaptive_security_appliance_device_manager
5.0.9
ciscoadaptive_security_appliance_device_manager
5.1.1
ciscoadaptive_security_appliance_device_manager
5.1.2
ciscoadaptive_security_appliance_device_manager
5.2.1
ciscoadaptive_security_appliance_device_manager
5.2.2
ciscoadaptive_security_appliance_device_manager
5.2.3
ciscoadaptive_security_appliance_device_manager
5.2.4
ciscomds_9000
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-fmdm