{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-11-20T10:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "56348", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56348"}, {"name": "20121031 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm"}, {"name": "1027712", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027712"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2012-5417", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "56348", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56348"}, {"name": "20121031 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm"}, {"name": "1027712", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027712"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:05:47.226Z"}, "title": "CVE Program Container", "references": [{"name": "56348", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56348"}, {"name": "20121031 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm"}, {"name": "1027712", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027712"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2012-5417", "datePublished": "2012-11-02T01:00:00", "dateReserved": "2012-10-17T00:00:00", "dateUpdated": "2024-08-06T21:05:47.226Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "6F0AE806-1C8D-4F11-A550-FF5754428A32", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "F81232DD-07EE-4D09-B65A-D7634E196511", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D8AE2E29-39D9-403A-9CAC-BED892F52479", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "BA302085-58CB-474D-AAFE-6FD5599541A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "4C9A708D-8CF3-49A4-800C-D31799BCBB0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:4.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "03143D6F-6C97-4D8C-AD56-D5EB62F931EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "EEDD6E2D-A8A3-4448-908B-3AD7C06A7E45", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3C88480-385A-42DB-9D68-6F38AD4D2DB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "E756CA24-C315-46F0-A94F-6A71C0AF7F53", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "69F43509-E1B7-4245-8D2D-89A9ACD8EEF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.1\\(3u\\):*:*:*:*:*:*:*", "matchCriteriaId": "DED096A4-0D48-49AB-92D6-0A0608C6AEC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "F5A24647-F23B-4DEF-B63A-940DF910AD4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.2\\(2a\\):*:*:*:*:*:*:*", "matchCriteriaId": "DDFB0875-6956-4AAE-9AB8-5759247C636E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.2\\(2b\\):*:*:*:*:*:*:*", "matchCriteriaId": "61BFB7E8-82E4-4374-A7B9-CA10A606D304", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.2\\(2c\\):*:*:*:*:*:*:*", "matchCriteriaId": "265EB77A-11AE-4857-8D3C-B9039059E6FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:5.2\\(2e\\):*:*:*:*:*:*:*", "matchCriteriaId": "019F9B97-CE8B-4DE2-BACC-D1A68F4870B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:6.1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "293BB089-B320-49BA-9C25-421D540905DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:prime_data_center_network_manager:6.1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "09B17404-A841-4CDF-B4F7-016FD4AF5507", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924."}, {"lang": "es", "value": "Cisco Prime Data Center Network Manager (DCNM) antes de v6.1(1) no restrige correctamente el acceso a ciertas funcionalidades de JBoss MainDeployer, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de servicios JBoss Application Server Remote Method Invocation (RMI), tambi\u00e9n conocido como Bug ID CSCtz44924."}], "id": "CVE-2012-5417", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-02T04:46:09.310", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/56348"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id?1027712"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-dcnm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/56348"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027712"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}