cvelistv5 - cve-2013-3473

CVE-2013-3473 (GCVE-0-2013-3473)

Vulnerability from cvelistv5 – Published: 2013-09-20 18:00 – Updated: 2024-09-17 01:36

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

http://tools.cisco.com/security/center/content/Ci…

vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:07:37.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20130918 Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-09-20T18:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20130918 Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-3473",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130918 Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2013-3473",
    "datePublished": "2013-09-20T18:00:00Z",
    "dateReserved": "2013-05-06T00:00:00Z",
    "dateUpdated": "2024-09-17T01:36:49.077Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"9.1\", \"matchCriteriaId\": \"2C7857FD-FF8A-4222-89B2-8E36D81C16A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51C22E91-188C-4927-8CBB-E242040F6AEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A393353-5FD1-4760-9A06-B7F8A2121B6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:8.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEC9F2A8-B9ED-4FBC-A678-E1017E67B096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D59739B-0E2E-475A-971B-EE0687667A65\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.\"}, {\"lang\": \"es\", \"value\": \"El framework de Cisco Prime Central en Hosted Collaboration Solution (HCS) Assurance anterior a la versi\\u00f3n 9.1.1 no determina adecuadamente la existencia de una sesi\\u00f3n autenticada, lo que permite a los atacantes remotos descubrir nombres de usuario y contrase\\u00f1as a trav\\u00e9s de una petici\\u00f3n HTTP, aka Bug ID CSCud32600.\"}]",
      "id": "CVE-2013-3473",
      "lastModified": "2024-11-21T01:53:41.690",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:N/A:N\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-09-20T18:55:09.830",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-3473\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2013-09-20T18:55:09.830\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.\"},{\"lang\":\"es\",\"value\":\"El framework de Cisco Prime Central en Hosted Collaboration Solution (HCS) Assurance anterior a la versi\u00f3n 9.1.1 no determina adecuadamente la existencia de una sesi\u00f3n autenticada, lo que permite a los atacantes remotos descubrir nombres de usuario y contrase\u00f1as a trav\u00e9s de una petici\u00f3n HTTP, aka Bug ID CSCud32600.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:N/A:N\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.1\",\"matchCriteriaId\":\"2C7857FD-FF8A-4222-89B2-8E36D81C16A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C22E91-188C-4927-8CBB-E242040F6AEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A393353-5FD1-4760-9A06-B7F8A2121B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEC9F2A8-B9ED-4FBC-A678-E1017E67B096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D59739B-0E2E-475A-971B-EE0687667A65\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2013-3473

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-3473

Aliases

CVE-2013-3473

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-3473",
    "description": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.",
    "id": "GSD-2013-3473"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-3473"
      ],
      "details": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.",
      "id": "GSD-2013-3473",
      "modified": "2023-12-13T01:22:23.120868Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2013-3473",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20130918 Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:8.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-3473"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130918 Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-09-23T22:34Z",
      "publishedDate": "2013-09-20T18:55Z"
    }
  }
}

FKIE_CVE-2013-3473

Vulnerability from fkie_nvd - Published: 2013-09-20 18:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	prime_central_for_hosted_collaboration_solution_assurance	*
cisco	prime_central_for_hosted_collaboration_solution_assurance	1.0
cisco	prime_central_for_hosted_collaboration_solution_assurance	1.0.1
cisco	prime_central_for_hosted_collaboration_solution_assurance	8.6
cisco	prime_central_for_hosted_collaboration_solution_assurance	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C7857FD-FF8A-4222-89B2-8E36D81C16A6",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C22E91-188C-4927-8CBB-E242040F6AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A393353-5FD1-4760-9A06-B7F8A2121B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC9F2A8-B9ED-4FBC-A678-E1017E67B096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D59739B-0E2E-475A-971B-EE0687667A65",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600."
    },
    {
      "lang": "es",
      "value": "El framework de Cisco Prime Central en Hosted Collaboration Solution (HCS) Assurance anterior a la versi\u00f3n 9.1.1 no determina adecuadamente la existencia de una sesi\u00f3n autenticada, lo que permite a los atacantes remotos descubrir nombres de usuario y contrase\u00f1as a trav\u00e9s de una petici\u00f3n HTTP, aka Bug ID CSCud32600."
    }
  ],
  "id": "CVE-2013-3473",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-20T18:55:09.830",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201309-0233

Vulnerability from variot - Updated: 2023-12-18 13:20

The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600. Vendors have confirmed this vulnerability Bug ID CSCud32600 It is released as.By a third party HTTP User name and password may be obtained through the request. Cisco Prime Central for HCS Assurance is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to gain access to sensitive information on the affected system. Information obtained may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCud32600. The platform provides functions such as secure access authentication and real-time fault analysis

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201309-0233",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.6"
      },
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.0.1"
      },
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "9.1"
      },
      {
        "model": "prime central for hcs assurance",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.1"
      },
      {
        "model": "prime central for hosted collaboration solution assurance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "9.1"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:8.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution_assurance:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ben Williams of NCC Research",
    "sources": [
      {
        "db": "BID",
        "id": "62489"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-3473",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.8,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-3473",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-63475",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-3473",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201309-363",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63475",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600. Vendors have confirmed this vulnerability Bug ID CSCud32600 It is released as.By a third party HTTP User name and password may be obtained through the request. Cisco Prime Central for HCS Assurance is prone to an information-disclosure vulnerability. \nSuccessfully exploiting this issue may allow an attacker to gain access to sensitive information on the affected system. Information obtained may aid in further attacks. \nThis issue is being tracked by Cisco Bug ID CSCud32600. The platform provides functions such as secure access authentication and real-time fault analysis",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "BID",
        "id": "62489"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3473",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20130918 CISCO PRIME CENTRAL FOR HOSTED COLLABORATION SOLUTION ASSURANCE UNAUTHENTICATED USERNAME AND PASSWORD ENUMERATION VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "62489",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-63475",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "db": "BID",
        "id": "62489"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "id": "VAR-201309-0233",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:20:05.545000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "30636",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewambalert.x?alertid=30636"
      },
      {
        "title": "cisco-sa-20130918-pc",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130918-pc"
      },
      {
        "title": "30759",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=30759"
      },
      {
        "title": "cisco-sa-20130918-pc",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/111/1119/1119824_cisco-sa-20130918-pc-j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130918-pc"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3473"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3473"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps12491/index.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "db": "BID",
        "id": "62489"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "db": "BID",
        "id": "62489"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "date": "2013-09-18T00:00:00",
        "db": "BID",
        "id": "62489"
      },
      {
        "date": "2013-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "date": "2013-09-20T18:55:09.830000",
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "date": "2013-09-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-09-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63475"
      },
      {
        "date": "2013-09-18T00:00:00",
        "db": "BID",
        "id": "62489"
      },
      {
        "date": "2013-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      },
      {
        "date": "2013-09-23T22:34:28.407000",
        "db": "NVD",
        "id": "CVE-2013-3473"
      },
      {
        "date": "2013-09-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Prime Central for Hosted Collaboration Solution Assurance of  Web Vulnerability to get user name and password in the framework",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-004276"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-363"
      }
    ],
    "trust": 0.6
  }
}

GHSA-R9FP-QW2C-8CXH

Vulnerability from github – Published: 2022-05-17 05:04 – Updated: 2022-05-17 05:04

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-3473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-09-20T18:55:00Z",
    "severity": "HIGH"
  },
  "details": "The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.",
  "id": "GHSA-r9fp-qw2c-8cxh",
  "modified": "2022-05-17T05:04:21Z",
  "published": "2022-05-17T05:04:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3473"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2013-AVI-533

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco Prime Central. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	N/A	Cisco Prime Central pour HCS Assurance version 1.1
	Cisco	N/A	Cisco Prime Central pour HCS Assurance version 1.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20130918-pc du 18 septembre 2013	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20130918-pc du 18 septembre 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Prime Central pour HCS Assurance version 1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Prime Central pour HCS Assurance version 1.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-3473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3473"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130918-pc du 18    septembre 2013",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
    }
  ],
  "reference": "CERTA-2013-AVI-533",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco Prime\nCentral\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Prime Central",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130918-pc du 18 septembre 2013",
      "url": null
    }
  ]
}

CERTA-2013-AVI-533

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco Prime Central. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	N/A	Cisco Prime Central pour HCS Assurance version 1.1
	Cisco	N/A	Cisco Prime Central pour HCS Assurance version 1.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20130918-pc du 18 septembre 2013	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20130918-pc du 18 septembre 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Prime Central pour HCS Assurance version 1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Prime Central pour HCS Assurance version 1.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-3473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3473"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130918-pc du 18    septembre 2013",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc"
    }
  ],
  "reference": "CERTA-2013-AVI-533",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco Prime\nCentral\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Prime Central",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20130918-pc du 18 septembre 2013",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-3473 (GCVE-0-2013-3473)

GSD-2013-3473

FKIE_CVE-2013-3473

VAR-201309-0233

GHSA-R9FP-QW2C-8CXH

CERTA-2013-AVI-533

Solution

CERTA-2013-AVI-533

Solution

Tags

Sightings

Nomenclature