CVE-2009-2046

Sažetak

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.

Reference

http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
http://www.securityfocus.com/bid/35478
http://www.securitytracker.com/id?1022445

CVSS

Base:	6.8
Impact:	6.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:N/A:N

Zadnje važnije ažuriranje

02-07-2009 - 03:31

Objavljeno

25-06-2009 - 01:30