CVE-2013-3431

Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
ciscovideo_surveillance_manager
𝑥
≤ 6.3.3
ciscovideo_surveillance_manager
1.1.0
ciscovideo_surveillance_manager
1.2.1
ciscovideo_surveillance_manager
2.0.0
ciscovideo_surveillance_manager
2.1
ciscovideo_surveillance_manager
2.1.2
ciscovideo_surveillance_manager
2.1.3
ciscovideo_surveillance_manager
2.1.4
ciscovideo_surveillance_manager
2.1.6
ciscovideo_surveillance_manager
2.1.7
ciscovideo_surveillance_manager
2.3.0
ciscovideo_surveillance_manager
2.3.1
ciscovideo_surveillance_manager
4.0.1
ciscovideo_surveillance_manager
4.2.0
ciscovideo_surveillance_manager
4.2.1
ciscovideo_surveillance_manager
6.3
ciscovideo_surveillance_manager
6.3.1
ciscovideo_surveillance_manager
6.3.2
ciscovideo_surveillance_manager
6.3.2:mr1
ciscovideo_surveillance_manager
6.3.2:mr2
ciscovideo_surveillance_manager
6.3.2:mr3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm
http://www.securityfocus.com/bid/61431
http://www.securitytracker.com/id/1028827
https://exchange.xforce.ibmcloud.com/vulnerabilities/85945
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm
http://www.securityfocus.com/bid/61431
http://www.securitytracker.com/id/1028827
https://exchange.xforce.ibmcloud.com/vulnerabilities/85945