CVE-2013-1125: Input Validation
First published: Tue Feb 19 2013(Updated: )
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Application Networking Manager | ||
| Cisco Context Directory Agent | ||
| Cisco Identity Services Engine Software | ||
| Cisco Network Services Manager | ||
| Cisco Prime Collaboration | ||
| Cisco Prime LAN Management Solution | ||
| Cisco Prime Network Control System | ||
| Cisco Quad | ||
| Cisco Secure Access Control System | ||
| Cisco Unified Provisioning Manager |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1125?
CVE-2013-1125 has a medium severity rating with a score of 6.8.
What systems are affected by CVE-2013-1125?
CVE-2013-1125 affects various Cisco products including Identity Services Engine, Secure Access Control System, and Prime LAN Management Solution.
How do I fix CVE-2013-1125?
To fix CVE-2013-1125, update the affected Cisco products to their latest versions provided by Cisco.
What type of vulnerability is CVE-2013-1125?
CVE-2013-1125 is classified under CWE-20, which pertains to input validation issues.
Is CVE-2013-1125 still a risk today?
The risk posed by CVE-2013-1125 depends on whether vulnerable versions of the affected Cisco products are still in use.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco application networking manager
- canonical/cisco context directory agent
- canonical/cisco identity services engine software
- canonical/cisco network services manager
- canonical/cisco prime collaboration
- canonical/cisco prime lan management solution
- canonical/cisco prime network control system
- canonical/cisco quad
- canonical/cisco secure access control system
- canonical/cisco unified provisioning manager