This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
A network management system on the remote host has a remote code
According to its self-reported version number, the version of Cisco
Prime Data Center Network Manager (DCNM) installed on the remote host
has a remote code execution vulnerability. Unauthorized users have
access to the JBoss Application Server Remote Method Invocation
services. A remote, unauthenticated attacker could exploit this to
execute arbitrary code as SYSTEM (on Windows) or root (on Linux).
This plugin determines if DCNM is vulnerable by checking the version
number displayed in the web interface. The web interface is not
available in older versions of DCNM.
See also :
Upgrade to Cisco Prime Data Center Network Manager 6.1(2) or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 67247 ()
Bugtraq ID: 56348
CVE ID: CVE-2007-1036CVE-2012-5417
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.