CVE-2013-1125

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine Software (affected versions not specified) Cisco Secure Access Control System (ACS) (affected versions not specified) Cisco Application Networking Manager (ANM) (affected versions not specified) Cisco Prime LAN Management Solution (LMS) (affected versions not specified) Cisco Prime Network Control System (affected versions not specified) Cisco Quad (affected versions not specified) Cisco Context Directory Agent (affected versions not specified) Cisco Prime Collaboration (affected versions not specified) Cisco Unified Provisioning Manager (affected versions not specified) Cisco Network Services Manager (affected versions not specified)

Description The command-line interface in various Cisco software products does not properly validate input, allowing local users to obtain root privileges.

Recommendations For Cisco Identity Services Engine Software, update to a version that properly validates input in the command-line interface. For Cisco Secure Access Control System (ACS), update to a version that properly validates input in the command-line interface. For Cisco Application Networking Manager (ANM), update to a version that properly validates input in the command-line interface. For Cisco Prime LAN Management Solution (LMS), update to a version that properly validates input in the command-line interface. For Cisco Prime Network Control System, update to a version that properly validates input in the command-line interface. For Cisco Quad, update to a version that properly validates input in the command-line interface. For Cisco Context Directory Agent, update to a version that properly validates input in the command-line interface. For Cisco Prime Collaboration, update to a version that properly validates input in the command-line interface. For Cisco Unified Provisioning Manager, update to a version that properly validates input in the command-line interface. For Cisco Network Services Manager, update to a version that properly validates input in the command-line interface.