exploitDog

CVE-2013-3406

Опубликовано: 18 нояб. 2013

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3406
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31775
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3406
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=31775
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:service_portal:9.4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00195

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-6w74-g5qf-6rxv

github

больше 3 лет назад

The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.

EPSS

Процентиль: 41%

0.00195

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20