Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3473
cisco
prime central
hosted collaboration solution
hcs
assurance
cve-2013-3473
nvd
bug id cscud32600
web framework
security vulnerability
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.1%
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.
Affected configurations
Node
ciscoprime_central_for_hosted_collaboration_solution_assuranceRange≤9.1
ORciscoprime_central_for_hosted_collaboration_solution_assuranceMatch1.0
ORciscoprime_central_for_hosted_collaboration_solution_assuranceMatch1.0.1
ORciscoprime_central_for_hosted_collaboration_solution_assuranceMatch8.6
ORciscoprime_central_for_hosted_collaboration_solution_assuranceMatch9.0
Related
prion
prion
Design/Logic Flaw
2013-09-20 18:55:00
cisco
cisco
cvelist
cvelist
CVE-2013-3473
2022-10-03 16:14:46
nvd
nvd
CVE-2013-3473
2013-09-20 18:55:09
securityvulns
securityvulns
Cisco Prime Data Center / Prime Central security vulnerabilities
2013-10-03 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.1%
Related for CVE-2013-3473