CVE-2013-5535 : The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded cre

The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CSCuj70402 and CSCuj70419.

Published 2013-10-16 10:52:45

Updated 2025-04-11 00:51:22

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2013-5535

Cisco » Video Surveillance 4000 Ip Camera » Version: N/A
cpe:2.3:h:cisco:video_surveillance_4000_ip_camera:-:*:*:*:*:*:*:*
Matching versions
Cisco » Video Surveillance 4300e Ip Camera » Version: N/A
cpe:2.3:h:cisco:video_surveillance_4300e_ip_camera:-:*:*:*:*:*:*:*
Matching versions
Cisco » Video Surveillance 4500e Ip Camera » Version: N/A
cpe:2.3:h:cisco:video_surveillance_4500e_ip_camera:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-5535

EPSS FAQ

0.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 45 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-5535

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:P/A:N	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2013-5535

CWE-255

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-5535

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5535

Cisco Video Surveillance 4000 Series IP Camera Default Credential Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2013-5535

Products affected by CVE-2013-5535

Exploit prediction scoring system (EPSS) score for CVE-2013-5535

CVSS scores for CVE-2013-5535

CWE ids for CVE-2013-5535

References for CVE-2013-5535