HOME > VULNERABILITY NOTES


   VULNERABILITY NOTE

 

CERT-In Vulnerability Note CIVN-2010-52
Cisco Digital Media Manager Privilege Escalation Vulnerability

Original Issue Date: March 09, 2010

Severity Rating: Medium

System Affected

  • Cisco Digital Media Manager versions 5.0.x and 5.1.x

Overview

A vulnerability has been reported in Cisco Digital Media Manager that could allow a remote attacker to gain elevated privileges.

Description

Cisco Digital Media Manager is web based media management application. It allows content owners to publish, edit the digital media content for live or on demand playback. The vulnerability in the Cisco Digital Media Manager exists because of an unspecified flaw in it.  A remote authenticated user can exploit the vulnerability to gain elevated privileges on a targeted device.  After gaining the additional privileges, he may modify the configuration and obtain complete control over the device.

Solution

Apply appropriate software fixes as mentioned in
Cisco Security Advisory

Vendor Information

CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml

References

CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=19986

VUPEN
http://www.vupen.com/english/advisories/2010/0531

Security Tracker
http://securitytracker.com/alerts/2010/Mar/1023671.html

Security Focus
http://www.securityfocus.com/bid/38500

CVE Name
CVE-2010-0571

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003