cvelistv5 - cve-2013-3431

CVE-2013-3431 (GCVE-0-2013-3431)

Vulnerability from cvelistv5 – Published: 2013-07-25 15:00 – Updated: 2024-08-06 16:07

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/61431	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1028827	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:07:37.990Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-video-cve20133431-info-disc(85945)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
          },
          {
            "name": "20130724 Multiple Vulnerabilities in the Cisco Video Surveillance Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
          },
          {
            "name": "61431",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/61431"
          },
          {
            "name": "1028827",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1028827"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-video-cve20133431-info-disc(85945)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
        },
        {
          "name": "20130724 Multiple Vulnerabilities in the Cisco Video Surveillance Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
        },
        {
          "name": "61431",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/61431"
        },
        {
          "name": "1028827",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1028827"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-3431",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "cisco-video-cve20133431-info-disc(85945)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
            },
            {
              "name": "20130724 Multiple Vulnerabilities in the Cisco Video Surveillance Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
            },
            {
              "name": "61431",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/61431"
            },
            {
              "name": "1028827",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1028827"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2013-3431",
    "datePublished": "2013-07-25T15:00:00",
    "dateReserved": "2013-05-06T00:00:00",
    "dateUpdated": "2024-08-06T16:07:37.990Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3.3\", \"matchCriteriaId\": \"0BD249B8-2081-483D-A371-E38BA9D895CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C863918-442B-44F5-ABF1-0A209832BB99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF417FA9-46DA-4547-9C8C-8D13D152BD57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E292612-353A-425C-B6BB-456769A62C8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FE9386E-AE00-4FC4-BBA5-98A02FE530B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CB2181A-A8D0-40F5-98E7-B56A604756FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CDF94CF-DD9B-4469-BAD0-AC8FDAF6E22B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABB39563-3E1C-4B00-B7BD-553425881957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA29A6C0-D895-46D4-BB89-0E5BE3EFDA89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10067FC4-429B-462D-B609-4706D69964A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6693F521-FB27-4025-8782-44706AC180D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"242EED01-3AC9-48D8-B860-E56DAD22CE70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F597E6F7-C170-4B68-8601-6CEA2D4FE531\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF1C753D-BA59-458F-92E1-1E1C9E9921AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA7119A6-236F-4C9B-8A9C-19B5E434BB4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0E37235-B44C-4981-9152-4F969F240862\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEB98F7B-29B9-4C4D-AE4C-AFB5D50EBD51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F46AF1F-C993-43F4-A5EA-5219139FBFD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4982588-DCE4-4BD6-A0B1-FAB860A52C26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*\", \"matchCriteriaId\": \"873923F0-05AB-40D1-81A8-7AB02CFFAD56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*\", \"matchCriteriaId\": \"F705FECE-EF41-4A2B-93CB-F88039A82DFF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.\"}, {\"lang\": \"es\", \"value\": \"Cisco Video Surveillance Manager (VSM) anteriores a v7.0.0 no requiere autenticaci\\u00f3n para acceder a las p\\u00e1ginas de monitorizaci\\u00f3n, permitiendo que atacantes remotos obtengan configuraci\\u00f3n sensible, archivos, e informaci\\u00f3n de los log mediante vectores no especificados, relacionados con el paquete Cisco_VSBWT (tambi\\u00e9n conocido como c\\u00f3digo de ejemplo Broadware), tambi\\u00e9n referenciado como Bug ID CSCsv40169.\"}]",
      "id": "CVE-2013-3431",
      "lastModified": "2024-11-21T01:53:37.293",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:N/A:N\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-07-25T15:53:16.233",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/61431\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1028827\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/85945\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/61431\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1028827\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/85945\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-3431\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2013-07-25T15:53:16.233\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.\"},{\"lang\":\"es\",\"value\":\"Cisco Video Surveillance Manager (VSM) anteriores a v7.0.0 no requiere autenticaci\u00f3n para acceder a las p\u00e1ginas de monitorizaci\u00f3n, permitiendo que atacantes remotos obtengan configuraci\u00f3n sensible, archivos, e informaci\u00f3n de los log mediante vectores no especificados, relacionados con el paquete Cisco_VSBWT (tambi\u00e9n conocido como c\u00f3digo de ejemplo Broadware), tambi\u00e9n referenciado como Bug ID CSCsv40169.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:N/A:N\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.3\",\"matchCriteriaId\":\"0BD249B8-2081-483D-A371-E38BA9D895CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C863918-442B-44F5-ABF1-0A209832BB99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF417FA9-46DA-4547-9C8C-8D13D152BD57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E292612-353A-425C-B6BB-456769A62C8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FE9386E-AE00-4FC4-BBA5-98A02FE530B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB2181A-A8D0-40F5-98E7-B56A604756FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CDF94CF-DD9B-4469-BAD0-AC8FDAF6E22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB39563-3E1C-4B00-B7BD-553425881957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA29A6C0-D895-46D4-BB89-0E5BE3EFDA89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10067FC4-429B-462D-B609-4706D69964A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6693F521-FB27-4025-8782-44706AC180D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242EED01-3AC9-48D8-B860-E56DAD22CE70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F597E6F7-C170-4B68-8601-6CEA2D4FE531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF1C753D-BA59-458F-92E1-1E1C9E9921AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA7119A6-236F-4C9B-8A9C-19B5E434BB4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0E37235-B44C-4981-9152-4F969F240862\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEB98F7B-29B9-4C4D-AE4C-AFB5D50EBD51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F46AF1F-C993-43F4-A5EA-5219139FBFD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4982588-DCE4-4BD6-A0B1-FAB860A52C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*\",\"matchCriteriaId\":\"873923F0-05AB-40D1-81A8-7AB02CFFAD56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F705FECE-EF41-4A2B-93CB-F88039A82DFF\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/61431\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1028827\",\"source\":\"psirt@cisco.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85945\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/61431\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1028827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85945\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2013-3431

Vulnerability from fkie_nvd - Published: 2013-07-25 15:53 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/61431
psirt@cisco.com	http://www.securitytracker.com/id/1028827
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/85945
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/61431
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1028827
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/85945

Impacted products

Vendor	Product	Version
cisco	video_surveillance_manager	*
cisco	video_surveillance_manager	1.1.0
cisco	video_surveillance_manager	1.2.1
cisco	video_surveillance_manager	2.0.0
cisco	video_surveillance_manager	2.1
cisco	video_surveillance_manager	2.1.2
cisco	video_surveillance_manager	2.1.3
cisco	video_surveillance_manager	2.1.4
cisco	video_surveillance_manager	2.1.6
cisco	video_surveillance_manager	2.1.7
cisco	video_surveillance_manager	2.3.0
cisco	video_surveillance_manager	2.3.1
cisco	video_surveillance_manager	4.0.1
cisco	video_surveillance_manager	4.2.0
cisco	video_surveillance_manager	4.2.1
cisco	video_surveillance_manager	6.3
cisco	video_surveillance_manager	6.3.1
cisco	video_surveillance_manager	6.3.2
cisco	video_surveillance_manager	6.3.2
cisco	video_surveillance_manager	6.3.2
cisco	video_surveillance_manager	6.3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD249B8-2081-483D-A371-E38BA9D895CE",
              "versionEndIncluding": "6.3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C863918-442B-44F5-ABF1-0A209832BB99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF417FA9-46DA-4547-9C8C-8D13D152BD57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E292612-353A-425C-B6BB-456769A62C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE9386E-AE00-4FC4-BBA5-98A02FE530B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2181A-A8D0-40F5-98E7-B56A604756FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDF94CF-DD9B-4469-BAD0-AC8FDAF6E22B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB39563-3E1C-4B00-B7BD-553425881957",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA29A6C0-D895-46D4-BB89-0E5BE3EFDA89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "10067FC4-429B-462D-B609-4706D69964A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6693F521-FB27-4025-8782-44706AC180D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "242EED01-3AC9-48D8-B860-E56DAD22CE70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F597E6F7-C170-4B68-8601-6CEA2D4FE531",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1C753D-BA59-458F-92E1-1E1C9E9921AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA7119A6-236F-4C9B-8A9C-19B5E434BB4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0E37235-B44C-4981-9152-4F969F240862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB98F7B-29B9-4C4D-AE4C-AFB5D50EBD51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F46AF1F-C993-43F4-A5EA-5219139FBFD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "E4982588-DCE4-4BD6-A0B1-FAB860A52C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "873923F0-05AB-40D1-81A8-7AB02CFFAD56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*",
              "matchCriteriaId": "F705FECE-EF41-4A2B-93CB-F88039A82DFF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."
    },
    {
      "lang": "es",
      "value": "Cisco Video Surveillance Manager (VSM) anteriores a v7.0.0 no requiere autenticaci\u00f3n para acceder a las p\u00e1ginas de monitorizaci\u00f3n, permitiendo que atacantes remotos obtengan configuraci\u00f3n sensible, archivos, e informaci\u00f3n de los log mediante vectores no especificados, relacionados con el paquete Cisco_VSBWT (tambi\u00e9n conocido como c\u00f3digo de ejemplo Broadware), tambi\u00e9n referenciado como Bug ID CSCsv40169."
    }
  ],
  "id": "CVE-2013-3431",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-07-25T15:53:16.233",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/61431"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1028827"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/61431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1028827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201307-0219

Vulnerability from variot - Updated: 2023-12-18 12:58

Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169. Vendors have confirmed this vulnerability Bug ID CSCsv40169 It is released as.A third party may obtain important configuration, archive, and log information. Cisco Video Surveillance Manager is prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and gain administrative controls of the vulnerable device. This may lead to further attacks. This issue is tracked by Cisco Bug ID CSCsv40169. Versions prior to Cisco Video Surveillance Manager 7.0.0 are vulnerable. It provides a browser-based user interface for collecting, managing, recording, archiving and categorizing video from multiple third-party video encoders and IP cameras. The vulnerability comes from the fact that the program accessing the VSMC monitoring page does not require identity authentication

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201307-0219",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.2.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.0"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3.2"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.3"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1.6"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1.2"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1.7"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.3.3"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.3.0"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1.4"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.0.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.3.1"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.1.0"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.0.0"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1.3"
      },
      {
        "model": "video surveillance manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.0.0"
      },
      {
        "model": "video surveillance manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "6.3.3"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "61431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-3431",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.8,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-3431",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-63433",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-3431",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201307-507",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63433",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169. Vendors have confirmed this vulnerability Bug ID CSCsv40169 It is released as.A third party may obtain important configuration, archive, and log information. Cisco Video Surveillance Manager is prone to a remote authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication  mechanism and gain administrative controls of the vulnerable device. This may lead to further attacks. \nThis issue is tracked by Cisco Bug ID CSCsv40169. \nVersions prior to Cisco Video Surveillance Manager 7.0.0 are vulnerable. It provides a browser-based user interface for collecting, managing, recording, archiving and categorizing video from multiple third-party video encoders and IP cameras. The vulnerability comes from the fact that the program accessing the VSMC monitoring page does not require identity authentication",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "BID",
        "id": "61431"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-63433",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3431",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "61431",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1028827",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20130724 MULTIPLE VULNERABILITIES IN THE CISCO VIDEO SURVEILLANCE MANAGER",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "24786",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-63433",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "db": "BID",
        "id": "61431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "id": "VAR-201307-0219",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:58:07.611000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "30093",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewambalert.x?alertid=30093"
      },
      {
        "title": "cisco-sa-20130724-vsm",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130724-vsm"
      },
      {
        "title": "30132",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=30132"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/61431"
      },
      {
        "trust": 1.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130724-vsm"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1028827"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3431"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3431"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "db": "BID",
        "id": "61431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "db": "BID",
        "id": "61431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "date": "2013-07-24T00:00:00",
        "db": "BID",
        "id": "61431"
      },
      {
        "date": "2013-07-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "date": "2013-07-25T15:53:16.233000",
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "date": "2013-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63433"
      },
      {
        "date": "2013-07-25T06:44:00",
        "db": "BID",
        "id": "61431"
      },
      {
        "date": "2013-07-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      },
      {
        "date": "2017-08-29T01:33:23.370000",
        "db": "NVD",
        "id": "CVE-2013-3431"
      },
      {
        "date": "2013-07-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Video Surveillance Manager Vulnerabilities in which important settings, archives, and log information are obtained",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003512"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-507"
      }
    ],
    "trust": 0.6
  }
}

GHSA-F4X4-Q95W-JP8R

Vulnerability from github – Published: 2022-05-17 01:35 – Updated: 2022-05-17 01:35

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-3431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-07-25T15:53:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.",
  "id": "GHSA-f4x4-q95w-jp8r",
  "modified": "2022-05-17T01:35:06Z",
  "published": "2022-05-17T01:35:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3431"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/61431"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1028827"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-3431

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-3431

Aliases

CVE-2013-3431

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-3431",
    "description": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.",
    "id": "GSD-2013-3431"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-3431"
      ],
      "details": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.",
      "id": "GSD-2013-3431",
      "modified": "2023-12-13T01:22:22.432591Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2013-3431",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "cisco-video-cve20133431-info-disc(85945)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
          },
          {
            "name": "20130724 Multiple Vulnerabilities in the Cisco Video Surveillance Manager",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
          },
          {
            "name": "61431",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/61431"
          },
          {
            "name": "1028827",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1028827"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-3431"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130724 Multiple Vulnerabilities in the Cisco Video Surveillance Manager",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
            },
            {
              "name": "61431",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/61431"
            },
            {
              "name": "1028827",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1028827"
            },
            {
              "name": "cisco-video-cve20133431-info-disc(85945)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85945"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:33Z",
      "publishedDate": "2013-07-25T15:53Z"
    }
  }
}

CERTA-2013-AVI-438

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Cisco Video Surveillance Manager. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco VSM versions antérieurs à 7.0.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20130724-vsm du 24 juillet 2013	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20130724-vsm du 24 juillet 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eCisco VSM versions ant\u00e9rieurs \u00e0 7.0.0\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-3431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3431"
    },
    {
      "name": "CVE-2013-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3429"
    },
    {
      "name": "CVE-2013-3430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3430"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130724-vsm du 24    juillet 2013",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
    }
  ],
  "reference": "CERTA-2013-AVI-438",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-07-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco Video Surveillance Manager\u003c/span\u003e. Elles permettent\n\u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Video Surveillance Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130724-vsm du 24 juillet 2013",
      "url": null
    }
  ]
}

CERTA-2013-AVI-438

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Cisco Video Surveillance Manager. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco VSM versions antérieurs à 7.0.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20130724-vsm du 24 juillet 2013	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20130724-vsm du 24 juillet 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eCisco VSM versions ant\u00e9rieurs \u00e0 7.0.0\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-3431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3431"
    },
    {
      "name": "CVE-2013-3429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3429"
    },
    {
      "name": "CVE-2013-3430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3430"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130724-vsm du 24    juillet 2013",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm"
    }
  ],
  "reference": "CERTA-2013-AVI-438",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-07-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco Video Surveillance Manager\u003c/span\u003e. Elles permettent\n\u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco Video Surveillance Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130724-vsm du 24 juillet 2013",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-3431 (GCVE-0-2013-3431)

FKIE_CVE-2013-3431

VAR-201307-0219

GHSA-F4X4-Q95W-JP8R

GSD-2013-3431

CERTA-2013-AVI-438

Solution

CERTA-2013-AVI-438

Solution

Tags

Sightings

Nomenclature