CVE-2013-3689
Published Oct 4, 2013
Last updated 11 years ago
Overview
- Description
- Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:brickom:100ap_device_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B920D75-98F5-4EE3-A867-BEA9699127D7",
"versionEndIncluding": "3.0.6.16c1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:brickom:fb-100ap:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A458982-22F6-4637-87F3-C4AB9A08CEB9"
},
{
"criteria": "cpe:2.3:h:brickom:md-100ap:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A11EA2A-225D-4A48-B387-D47AE4967AA5"
},
{
"criteria": "cpe:2.3:h:brickom:ob-100ae:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFDD3960-F8A0-493B-8C16-3A3A4192A0E3"
},
{
"criteria": "cpe:2.3:h:brickom:osd-040e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F24E61C0-A910-4A0E-9B6C-FFCE6792CF77"
},
{
"criteria": "cpe:2.3:h:brickom:wcb-100ap:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C61EFCAD-7876-4CB2-937B-565206C44C25"
},
{
"criteria": "cpe:2.3:h:brickom:wfb-100ap:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A2DBA19-9BE5-456D-AFF6-81767F7EDD2D"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]