CVE-2013-3431

EUVD-2013-3366
Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
ciscovideo_surveillance_manager
𝑥
≤ 6.3.3
ciscovideo_surveillance_manager
1.1.0
ciscovideo_surveillance_manager
1.2.1
ciscovideo_surveillance_manager
2.0.0
ciscovideo_surveillance_manager
2.1
ciscovideo_surveillance_manager
2.1.2
ciscovideo_surveillance_manager
2.1.3
ciscovideo_surveillance_manager
2.1.4
ciscovideo_surveillance_manager
2.1.6
ciscovideo_surveillance_manager
2.1.7
ciscovideo_surveillance_manager
2.3.0
ciscovideo_surveillance_manager
2.3.1
ciscovideo_surveillance_manager
4.0.1
ciscovideo_surveillance_manager
4.2.0
ciscovideo_surveillance_manager
4.2.1
ciscovideo_surveillance_manager
6.3
ciscovideo_surveillance_manager
6.3.1
ciscovideo_surveillance_manager
6.3.2
ciscovideo_surveillance_manager
6.3.2:mr1
ciscovideo_surveillance_manager
6.3.2:mr2
ciscovideo_surveillance_manager
6.3.2:mr3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm
http://www.securityfocus.com/bid/61431
http://www.securitytracker.com/id/1028827
https://exchange.xforce.ibmcloud.com/vulnerabilities/85945
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm
http://www.securityfocus.com/bid/61431
http://www.securitytracker.com/id/1028827
https://exchange.xforce.ibmcloud.com/vulnerabilities/85945