This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2013-04-18 |
Product | Network Admission Control Manager And Server System Software | Last view | 2013-04-18 |
Version | 4.8.0 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2013-04-18 | CVE-2013-1177 | SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2013-A-0095 | Cisco Network Admission Control Manager SQL Injection Vulnerability Severity: Category I - VMSKEY: V0037762 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2013-09-05 | Name: The remote device is missing a vendor-supplied security update. File: cisco-sa-20130417-nac.nasl - Type: ACT_GATHER_INFO |