CVE-2013-3429

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-3429
Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm Vendor Advisory
http://www.securityfocus.com/bid/61430
http://www.securitytracker.com/id/1028827
https://exchange.xforce.ibmcloud.com/vulnerabilities/85947
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:video_surveillance_manager:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr1:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr2:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_manager:6.3.2:mr3:*:*:*:*:*:*
Information

Published : 2013-07-25 08:53

Updated : 2017-08-28 18:33

NVD link : CVE-2013-3429

Mitre link : CVE-2013-3429

JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa
Products Affected

cisco

  • video_surveillance_manager