Strix
26.1K

CVE-2013-1125

UnknownEPSS 0.30%

Last modified

CVE-2013-1125 is a vulnerability of currently unknown severity. The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.. EPSS estimates a 0.30% chance of exploitation in the next 30 days.

Description

The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.

Metrics

EPSS Probability
0.30%

21.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoApplication Networking ManagerAll versions
CiscoContext Directory AgentAll versions
CiscoIdentity Services Engine SoftwareAll versions
CiscoNetwork Services ManagerAll versions
CiscoPrime CollaborationAll versions
CiscoPrime Lan Management SolutionAll versions
CiscoPrime Network Control SystemAll versions
CiscoQuadAll versions
CiscoSecure Access Control SystemAll versions
CiscoUnified Provisioning ManagerAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-1125?
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.
How severe is CVE-2013-1125?
Severity scoring for CVE-2013-1125 is pending analysis. The EPSS model estimates a 0.30% probability of exploitation in the next 30 days.
How do I fix CVE-2013-1125?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-1125?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST