Lucene search
CiscoCVE-2013-3407HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3407
2022-10-0316:14:45
CWE-264
cisco
web.nvd.nist.gov
23
cisco
server provisioner
authentication bypass
remote attack
sensitive information
cve-2013-3407
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.002
Percentile
57.3%
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information via a direct request, aka Bug ID CSCug65664.
Affected configurations
Node
ciscoserver_provisionerRange≤6.4.0patch_5-1301292331
ORciscoserver_provisionerMatch6.3.0
ORciscoserver_provisionerMatch6.4.0
ORciscoserver_provisionerMatch6.4.0patch_1204040128
ORciscoserver_provisionerMatch6.4.0patch_2-1112122225
ORciscoserver_provisionerMatch6.4.0patch_3-1208021049
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | server_provisioner | 6.3.0 | cpe:/a:cisco:server_provisioner:6.3.0::: |
| cisco | server_provisioner | 6.4.0 | cpe:/a:cisco:server_provisioner:6.4.0:patch_3-1208021049:: |
| cisco | server_provisioner | cpe:/a:cisco:server_provisioner::patch_5-1301292331:: | |
| cisco | server_provisioner | 6.4.0 | cpe:/a:cisco:server_provisioner:6.4.0::: |
| cisco | server_provisioner | 6.4.0 | cpe:/a:cisco:server_provisioner:6.4.0:patch_1204040128:: |
| cisco | server_provisioner | 6.4.0 | cpe:/a:cisco:server_provisioner:6.4.0:patch_2-1112122225:: |
Related
prion
prion
Authentication flaw
2013-11-18 03:55:00
nvd
nvd
CVE-2013-3407
2013-11-18 03:55:05
cisco
cisco
Cisco Server Provisioner Web Interface Information Disclosure Vulnerability
2013-11-15 17:52:25
cvelist
cvelist
CVE-2013-3407
2022-10-03 16:14:45
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0.002
Percentile
57.3%
Related for CVE-2013-3407