Cisco 多个产品CLI Root Shell访问权限提升漏洞

发布日期:2013-02-20
更新日期:2013-02-22

受影响系统:
Cisco Identity Services Engine 1.x
 Cisco Context Directory Agent 1.x
 Cisco Network Services Manager 5.x
 Cisco Prime Collaboration 9.x
描述:
--------------------------------------------------------------------------------
CVE(CAN) ID: CVE-2013-1125
 
多个思科产品(Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, Network Services Manager)的命令行界面没有正确验证输入,可允许已验证的本地用户获取root的shell访问权限。
 
<*来源:vendor
 
  链接:
       
 *>

建议:
--------------------------------------------------------------------------------
厂商补丁:
 
Cisco
 -----
 Cisco已经为此发布了一个安全公告(CVE-2013-1125)以及相应补丁:
 CVE-2013-1125:Multiple Cisco Product Root Shell Access Vulnerability
 链接:

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wywxdw.html