CVE-2013-3398
Published Jun 26, 2013
Last updated 11 years ago
Overview
- Description
- The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, aka Bug ID CSCuh64574.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_central_for_hosted_collaboration_solution:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "402BF925-7B58-4DF2-9565-DF6680666F46"
}
],
"operator": "OR"
}
]
}
]