Release date:
Updated on:
Affected Systems:
Cisco Prime LAN Management Solution 4.2.2
Cisco Prime LAN Management Solution 4.2.1
Cisco Prime LAN Management Solution 4.2
Cisco Prime LAN Management Solution 4.1
Cisco Prime LAN Management Solution
Unaffected system:
Cisco Prime LAN Management Solution 4.2.3
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57221
CVE (CAN) ID: CVE-2012-6392
CiscoWorks LAN Management Solution (LMS) is a LAN Management Suite that simplifies configuration, Management, monitoring, and maintenance of CISCO networks.
Cisco Prime LAN Management Solution (LMS) Virtual Appliance has an arbitrary command execution vulnerability in implementation. This vulnerability stems from incorrect authentication and authorization commands sent to a TCP port. An unauthenticated attacker can exploit this vulnerability by connecting to the affected system and sending arbitrary commands. Only Linux devices are affected.
<* Source: vendor
Link: http://seclists.org/fulldisclosure/2013/Jan/42? Utm_source = twitterfeed & utm_medium = twitter
Http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20130109-lms) and patches for this:
Cisco-sa-20130109-lms: Cisco Prime LAN Management Solution Command Execution Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
