Cisco Video Surveillance Manager (VSM) prior to 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote malicious users to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco video surveillance manager |
||
cisco video surveillance manager 1.1.0 |
||
cisco video surveillance manager 1.2.1 |
||
cisco video surveillance manager 2.0.0 |
||
cisco video surveillance manager 2.1 |
||
cisco video surveillance manager 2.1.2 |
||
cisco video surveillance manager 2.1.3 |
||
cisco video surveillance manager 2.1.4 |
||
cisco video surveillance manager 2.1.6 |
||
cisco video surveillance manager 2.1.7 |
||
cisco video surveillance manager 2.3.0 |
||
cisco video surveillance manager 2.3.1 |
||
cisco video surveillance manager 4.0.1 |
||
cisco video surveillance manager 4.2.0 |
||
cisco video surveillance manager 4.2.1 |
||
cisco video surveillance manager 6.3 |
||
cisco video surveillance manager 6.3.1 |
||
cisco video surveillance manager 6.3.2 |