Lucene search

[email protected]CVE-2009-2046

HistoryJun 25, 2009 - 1:30 a.m.

CVE-2009-2046

2009-06-2501:30:01

CWE-200

[email protected]

web.nvd.nist.gov

cisco

video surveillance

ip camera

firmware

vulnerability

remote attackers

arbitrary files

http

https

bug ids

security advisory

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.5%

JSON

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.

Affected configurations

NVD

Node

ciscovideo_surveillance_2500_series_ip_cameraRange≤2.0

CPENameOperatorVersion
cisco:video_surveillance_2500_series_ip_cameracisco video surveillance 2500 series ip camerale2.0

CPE	Name	Operator	Version
cisco:video_surveillance_2500_series_ip_camera	cisco video surveillance 2500 series ip camera	le	2.0

References

www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html

www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml

www.securityfocus.com/bid/35478

www.securitytracker.com/id?1022445

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.5%

JSON

Related for CVE-2009-2046

prion1 nvd1 cvelist1 securityvulns1 cisco1 openvas1