Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerability

Bugtraq ID:	58809
Class:	Access Validation Error
CVE:	CVE-2013-1140
Remote:	Yes
Local:	No
Published:	Mar 04 2013 12:00AM
Updated:	Mar 04 2013 12:00AM
Credit:	Cisco
Vulnerable:
Not Vulnerable:

Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerability

Cisco Security Monitoring Analysis and Response System is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.

This issue being tracked by Cisco Bug ID CSCue55093.

Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerability

An attacker can exploit this issue using readily available tools.

Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco Security Monitoring Analysis and Response System Information Disclosure Vulnerability

References:

• Cisco Homepage (Cisco)
  
• Cisco Security Monitoring, Analysis and Response System Homepage (Cisco)
  
• Cisco MARS Information Disclosure Vulnerability (Cisco)