Vulnerability in Cisco Prime_data_center_network_manager

CVE-2012-5417

Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Met…

EPSS: 0.025 (85.5th percentile) — read the EPSS interpretation.

Affected products

Cisco Prime_data_center_network_manager — versions 4.1\(2\), 4.1\(3\), 4.1\(4\)
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

56348 (vdb-entry, x_refsource_BID)
20121031 Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1027712 (vdb-entry, x_refsource_SECTRACK)