Strix
26.1K

CVE-2013-1196

UnknownEPSS 0.30%

Last modified

CVE-2013-1196 is a vulnerability of currently unknown severity. The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.. EPSS estimates a 0.30% chance of exploitation in the next 30 days.

Description

The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.

Metrics

EPSS Probability
0.30%

21.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoApplication Networking ManagerAll versions
CiscoContext Directory AgentAll versions
CiscoIdentity Services Engine SoftwareAll versions
CiscoNetwork Services ManagerAll versions
CiscoPrime CollaborationAll versions
CiscoPrime Data Center Network ManagerAll versions
CiscoPrime Lan Management SolutionAll versions
CiscoPrime Network Control SystemAll versions
CiscoQuadAll versions
CiscoSecure Access Control SystemAll versions
CiscoUnified Provisioning ManagerAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2013-1196?
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.
How severe is CVE-2013-1196?
Severity scoring for CVE-2013-1196 is pending analysis. The EPSS model estimates a 0.30% probability of exploitation in the next 30 days.
How do I fix CVE-2013-1196?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-1196?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST