Vulnerabilities > Cisco > Video Surveillance Manager > 2.1.6

DATE CVE VULNERABILITY TITLE RISK
2013-07-25 CVE-2013-3431 Improper Authentication vulnerability in Cisco Video Surveillance Manager
Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.
network
low complexity
cisco CWE-287
7.8
2013-07-25 CVE-2013-3430 Improper Authentication vulnerability in Cisco Video Surveillance Manager
Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37288.
network
low complexity
cisco CWE-287
critical
9.0
2013-07-25 CVE-2013-3429 Path Traversal vulnerability in Cisco Video Surveillance Manager
Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.
network
low complexity
cisco CWE-22
7.8