CVE-2012-6392
Cisco Prime LAN Management Solution 4.1-4.2.2 - Remote Code Execution via Crafted TCP Session
Title source: llmDescription
Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
Scores
EPSS
0.0464
EPSS Percentile
90.6%
Details
CWE
CWE-20
Status
published
Products (4)
cisco/prime_lan_management_solution
4.1
cisco/prime_lan_management_solution
4.2
cisco/prime_lan_management_solution
4.2.1
cisco/prime_lan_management_solution
4.2.2
Published
Jan 17, 2013
Tracked Since
Feb 18, 2026