cbcvebase.
CVE-2013-3431
published 2013-07-25

CVE-2013-3431: Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to…

PriorityP357high7.8CVSS 2.0
AVNACLAuNCCINAN
EXPLOIT
EPSS
9.26%
94.7th percentile
Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.

Affected

19 ranges
VendorProductVersion rangeFixed in
ciscovideo_surveillance_manager<= 6.3.3
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager
ciscovideo_surveillance_manager

CVSS provenance

nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:C/I:N/A:N
vendor_cisco9.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.