CVE-2013-3409 — MEDIUM (4.3)

Vulnerability Description

The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak file permissions to read these files, aka Bug IDs CSCuh33735 and CSCuh34230.

CVSS Score

4.3

MEDIUM

AV:L/AC:L/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Cisco	Prime Central For Hosted Collaboration Solution	-

Related Weaknesses (CWE)

CWE-255

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3409Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3409Vendor Advisory

FAQ

What is CVE-2013-3409?

CVE-2013-3409 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak f...

How severe is CVE-2013-3409?

CVE-2013-3409 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-3409?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Prime Central For Hosted Collaboration Solution.