CVE-2010-0593

Published Apr 22, 2010

Last updated 8 years ago

CVSS info 9.0

Overview

Description: The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Camera before 1.1.2.6, WVC200 Wireless-G PTZ Internet Video Camera before 1.1.1.15, WVC210 Wireless-G PTZ Internet Video Camera before 1.1.1.15, and WVC2300 Wireless-G Business Internet Video Camera before 1.1.2.6 do not properly restrict read access to passwords, which allows context-dependent attackers to obtain sensitive information, related to (1) access by remote authenticated users to a PVC2300 or WVC2300 via a crafted URL, (2) leveraging setup privileges on a WVC200 or WVC210, and (3) leveraging administrative privileges on an RVS4000, aka Bug ID CSCte64726.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:pvc2300:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7261E300-E1FF-4BED-A769-4EF5160A19B8",
            "versionEndIncluding": "1.1.1.4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wvc200:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9949161-A6F8-4FCA-B0F9-B24F8902B796",
            "versionEndIncluding": "1.1.0.15"
          },
          {
            "criteria": "cpe:2.3:h:cisco:wvc200:1.1.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75A3FA1B-7F80-4400-8384-FD00BC3AAFEC"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wvc210:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "582D8387-3185-45AA-A833-DFEF7BF9B7BD",
            "versionEndIncluding": "1.1.0.15"
          },
          {
            "criteria": "cpe:2.3:h:cisco:wvc210:1.1.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66012205-BEBC-4915-A116-7DB82430DBC0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wvc2300:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF1A282-36FF-4D15-A981-83B18977DE93",
            "versionEndIncluding": "1.1.1.4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rvs4000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D7FF6DC-E1FF-4E6D-8A6C-098E07F5D898",
            "versionEndIncluding": "1.3.1.0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:rvs4000:1.3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10D53639-E058-474D-9E02-D0B602460A31"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References