Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-5535

The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CSCuj70402 and CSCuj70419.

Published

2013-10-16T10:52:45.307

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.4 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

4.9

Weaknesses

Type: Primary
CWE-255

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	cisco	video_surveillance_4000_ip_camera	-	Yes
Hardware	cisco	video_surveillance_4300e_ip_camera	-	Yes
Hardware	cisco	video_surveillance_4500e_ip_camera	-	Yes

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5535 Vendor Advisory ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5535 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)