exploitDog

CVE-2013-3428

Опубликовано: 15 июл. 2013

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3428
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3428
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00162

Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-v342-3m6w-x452

github

больше 3 лет назад

The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957.

EPSS

Процентиль: 38%

0.00162

Низкий

4 Medium

CVSS2

Дефекты

CWE-200