CVE-2013-3431
Summary
| CVE | CVE-2013-3431 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-07-25 15:53:00 UTC |
| Updated | 2017-08-29 01:33:00 UTC |
| Description | Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Video Surveillance Manager | 1.1.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 1.2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.0.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.2 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.3 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.4 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.6 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.7 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.3.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.3.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.0.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.2.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr1 | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr2 | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr3 | All | All |
| Application | Cisco | Video Surveillance Manager | 1.1.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 1.2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.0.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.2 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.3 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.4 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.6 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.1.7 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.3.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 2.3.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.0.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.2.0 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 4.2.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.1 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | All | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr1 | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr2 | All | All |
| Application | Cisco | Video Surveillance Manager | 6.3.2 | mr3 | All | All |
| Application | Cisco | Video Surveillance Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager | CISCO | tools.cisco.com | Vendor Advisory |
| Cisco Video Surveillance Manager CVE-2013-3431 Remote Authentication Bypass Vulnerability | BID | www.securityfocus.com | |
| Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information - SecurityTracker | SECTRACK | www.securitytracker.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.