Vulnerability Description
Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Video Surveillance Manager | <= 6.3.3 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/61430
- http://www.securitytracker.com/id/1028827
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85947
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/61430
- http://www.securitytracker.com/id/1028827
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85947
FAQ
What is CVE-2013-3429?
CVE-2013-3429 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broad...
How severe is CVE-2013-3429?
CVE-2013-3429 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3429?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Video Surveillance Manager.