Описание
The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.
Уязвимые конфигурации
Конфигурация 1Версия до 5.2.5 (включая)
Одновременно
Одно из
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.4:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5010p_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5020p_switch:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 5.2.5 (включая)
Одновременно
Одно из
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.4:*:*:*:*:*:*:*
cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00837
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file, aka Bug IDs CSCty17417 and CSCty10802.
EPSS
Процентиль: 74%
0.00837
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20