Cisco : Security Vulnerabilities, CVEs, Published In September 2013 (Gain Privilege)

CVE-2013-5497

The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.
Max CVSS
4.3
EPSS Score
0.89%
Published
2013-09-19
Updated
2017-08-29

CVE-2013-3473

The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.
Max CVSS
7.8
EPSS Score
0.16%
Published
2013-09-20
Updated
2013-09-23

CVE-2013-3417

The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
Max CVSS
5.0
EPSS Score
0.16%
Published
2013-09-30
Updated
2013-10-10

CVE-2012-4078

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.
Max CVSS
8.5
EPSS Score
0.28%
Published
2013-09-24
Updated
2017-08-29
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close