Cisco Prime Data Center Network Manager RMI Remote Code Execution (uncredentialed check)

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

A network management system installed on the remote host is affected
by a remote code execution vulnerability.

Description :

According to its self-reported version number, the version of Cisco
Prime Data Center Network Manager (DCNM) installed on the remote host
is affected by a remote code execution vulnerability. Unauthorized
users have access to the JBoss Application Server Remote Method
Invocation services. A remote, unauthenticated attacker could exploit
this to execute arbitrary code as SYSTEM (on Windows) or root (on
Linux).

This plugin determines if DCNM is vulnerable by checking the version
number displayed in the web interface. The web interface is not
available in older versions of DCNM.

See also :

http://www.nessus.org/u?d3b9ebfb

Solution :

Upgrade to Cisco Prime Data Center Network Manager 6.1(2) or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 67247

Bugtraq ID: 56348

CVE ID: CVE-2007-1036
CVE-2012-5417
