cbcvebase.

Cisco Video Surveillance Manager vulnerabilities

6 known vulnerabilities affecting cisco/video_surveillance_manager.

Total CVEs
6
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
1
Severity breakdown
CRITICAL3HIGH3

Vulnerabilities

Page 1 of 1
CVE-2021-44228P1CRITICALCVSS 10.0KEVPoCRansomwarev7.14\(1.26\)v7.14\(2.26\)+2 more2021-12-10
CVE-2021-44228 [CRITICAL] CWE-20 CVE-2021-44228: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LD
nvd
CVE-2013-3431P3HIGHCVSS 7.8PoC≤ 6.3.3v1.1.0+16 more2013-07-25
CVE-2013-3431 [HIGH] CWE-287 CVE-2013-3431: Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VS Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.
nvd
CVE-2013-3430P3CRITICALCVSS 9.0PoC≤ 6.3.3v1.1.0+16 more2013-07-25
CVE-2013-3430 [CRITICAL] CWE-287 CVE-2013-3430: Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive conf Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37288.
nvd
CVE-2013-3429P3HIGHCVSS 7.8PoC≤ 6.3.3v1.1.0+16 more2013-07-25
CVE-2013-3429 [HIGH] CWE-22 CVE-2013-3429: Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.
nvd
CVE-2018-15427P2CRITICALCVSS 9.8v7.10v7.11+1 more2018-10-05
CVE-2018-15427 [CRITICAL] CWE-798 CVE-2018-15427: A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connecte A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. The vulnerability is due to the pre
nvd
CVE-2019-1717P3HIGHCVSS 7.5v7.212019-05-15
CVE-2019-1717 [HIGH] CWE-22 CVE-2019-1717: A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allo A vulnerability in the web-based management interface of Cisco Video Surveillance Manager could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters handled by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests t
nvd
Cisco Video Surveillance Manager vulnerabilities | cvebase