CVE-2013-3431

{"id": "CVE-2013-3431", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-25T15:53:16.233", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/61431", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1028827", "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/61431", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1028827", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."}, {"lang": "es", "value": "Cisco Video Surveillance Manager (VSM) anteriores a v7.0.0 no requiere autenticaci\u00f3n para acceder a las p\u00e1ginas de monitorizaci\u00f3n, permitiendo que atacantes remotos obtengan configuraci\u00f3n sensible, archivos, e informaci\u00f3n de los log mediante vectores no especificados, relacionados con el paquete Cisco_VSBWT (tambi\u00e9n conocido como c\u00f3digo de ejemplo Broadware), tambi\u00e9n referenciado como Bug ID CSCsv40169."}], "lastModified": "2024-11-21T01:53:37.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BD249B8-2081-483D-A371-E38BA9D895CE", "versionEndIncluding": "6.3.3"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C863918-442B-44F5-ABF1-0A209832BB99"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF417FA9-46DA-4547-9C8C-8D13D152BD57"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E292612-353A-425C-B6BB-456769A62C8F"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FE9386E-AE00-4FC4-BBA5-98A02FE530B8"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CB2181A-A8D0-40F5-98E7-B56A604756FF"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CDF94CF-DD9B-4469-BAD0-AC8FDAF6E22B"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABB39563-3E1C-4B00-B7BD-553425881957"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA29A6C0-D895-46D4-BB89-0E5BE3EFDA89"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10067FC4-429B-462D-B609-4706D69964A3"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6693F521-FB27-4025-8782-44706AC180D9"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "242EED01-3AC9-48D8-B860-E56DAD22CE70"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F597E6F7-C170-4B68-8601-6CEA2D4FE531"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF1C753D-BA59-458F-92E1-1E1C9E9921AD"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA7119A6-236F-4C9B-8A9C-19B5E434BB4E"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0E37235-B44C-4981-9152-4F969F240862"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEB98F7B-29B9-4C4D-AE4C-AFB5D50EBD51"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F46AF1F-C993-43F4-A5EA-5219139FBFD1"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4982588-DCE4-4BD6-A0B1-FAB860A52C26"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "873923F0-05AB-40D1-81A8-7AB02CFFAD56"}, {"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F705FECE-EF41-4A2B-93CB-F88039A82DFF"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}