CVE-2009-2046

{"id": "CVE-2009-2046", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-06-25T01:30:01.797", "references": [{"url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html", "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/35478", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id?1022445", "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/35478", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1022445", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497."}, {"lang": "es", "value": "El servidor Web embebido en la c\u00e1mara IP de Cisco Video Surveillance 2500 Series con firmware anterior a v2.1 permite a atacantes remotos leer ficheros de su elecci\u00f3n a trav\u00e9s una petici\u00f3n (1) http o (2) https, relacionada con el (a) Servidor Web de c\u00e1mara SD (b) Servidor HTTP de c\u00e1mara inal\u00e1mbrica, tambi\u00e9n conocido como Bug IDs CSCsu05515 y CSCsr96497."}], "lastModified": "2024-11-21T01:04:00.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:video_surveillance_2500_series_ip_camera:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83469337-0A72-443E-84E9-F58F1741B7CC", "versionEndIncluding": "2.0"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}