Cisco Prime Data Center Network Manager RMI Remote Code Execution (credentialed check)
Critical Nessus Plugin ID 67248
SynopsisA network management system installed on the remote is affected by a remote code execution vulnerability.
DescriptionAccording to its self-reported version number, the version of Cisco Prime Data Center Network Manager (DCNM) installed on the remote host is affected by a remote code execution vulnerability. Unauthorized users have access to the JBoss Application Server Remote Method Invocation services. A remote, unauthenticated attacker could exploit this to execute arbitrary code as SYSTEM (on Windows) or root (on Linux).
SolutionUpgrade to Cisco Prime Data Center Network Manager 6.1(2) or later.