cisco-sa-20130417-nac

Cisco Network Admission Control Manager SQL Injection Vulnerability

cisco-sa-20130417-nac · Critical · Published 13 years ago · Updated 13 years ago

Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify any information in the NAC Manager database.  Cisco has released software updates that address this vulnerability.  There are no workarounds for this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-nac

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds for the vulnerability described in this document.

CVEs	CVE-2013-1177
Cisco Bug IDs	CSCub23095
CVSS Score	Base 10.0 Base 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C
Product Names From Source	Cisco NAC Appliance Software

Related Products

Product	CVE	Evidence
Cisco NAC Appliance Software	CVE-2013-1177	Cisco OpenVuln

Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Network Admission Control Manager SQL Injection Vulnerability

Workarounds

Related Products