Lucene search
CiscoCVE-2013-3406HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3406
2022-10-0316:14:44
CWE-20
cisco
web.nvd.nist.gov
21
cisco
intelligent automation for cloud
remote authentication
cwe-22
cve-2013-3406
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:C/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
40.0%
The “Files Available for Download” implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.
Affected configurations
Node
ciscoservice_portalMatch9.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | service_portal | 9.4.1 | cpe:/a:cisco:service_portal:9.4.1::: |
Related
cvelist
cvelist
CVE-2013-3406
2022-10-03 16:14:44
cisco
cisco
Cisco Services Portal File Download Vulnerability
2013-11-15 16:34:04
nvd
nvd
CVE-2013-3406
2013-11-18 03:55:05
prion
prion
Information disclosure
2013-11-18 03:55:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:C/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
40.0%
Related for CVE-2013-3406