var-201310-0505
Vulnerability from variot
Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286. The Cisco Catalyst 3750 Series Switch is an innovative switch that increases LAN efficiency by combining industry-leading ease of use with the highest resiliency of stackable switches. Allows an attacker to exploit the vulnerability to gain full access to the affected device. This issue is tracked by Cisco Bug ID CSCue92286
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201310-0505",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 3750-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "catalyst 3750-x series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0(2)se1"
},
{
"model": "catalyst series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3750"
},
{
"model": "ios 15.0se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "BID",
"id": "63342"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:catalyst_3750-x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "63342"
}
],
"trust": 0.3
},
"cve": "CVE-2013-5522",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CVE-2013-5522",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2013-14084",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "VHN-65524",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5522",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-5522",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-14084",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-613",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-65524",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "VULHUB",
"id": "VHN-65524"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286. The Cisco Catalyst 3750 Series Switch is an innovative switch that increases LAN efficiency by combining industry-leading ease of use with the highest resiliency of stackable switches. Allows an attacker to exploit the vulnerability to gain full access to the affected device. \nThis issue is tracked by Cisco Bug ID CSCue92286",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5522"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "BID",
"id": "63342"
},
{
"db": "VULHUB",
"id": "VHN-65524"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5522",
"trust": 3.4
},
{
"db": "BID",
"id": "63342",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14084",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20131024 CISCO CATALYST 3750X DEFAULT CREDENTIALS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-65524",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "VULHUB",
"id": "VHN-65524"
},
{
"db": "BID",
"id": "63342"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"id": "VAR-201310-0505",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "VULHUB",
"id": "VHN-65524"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
}
]
},
"last_update_date": "2024-11-23T22:31:22.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Catalyst 3750-X Series Switch Default Credentials Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5522"
},
{
"title": "31496",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31496"
},
{
"title": "Cisco Catalyst 3750 Series Switches Default Certificate Credentials Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40543"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65524"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-5522"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5522"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5522"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/hw/switches/index.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "VULHUB",
"id": "VHN-65524"
},
{
"db": "BID",
"id": "63342"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"db": "VULHUB",
"id": "VHN-65524"
},
{
"db": "BID",
"id": "63342"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"date": "2013-10-25T00:00:00",
"db": "VULHUB",
"id": "VHN-65524"
},
{
"date": "2013-10-24T00:00:00",
"db": "BID",
"id": "63342"
},
{
"date": "2013-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"date": "2013-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"date": "2013-10-25T03:52:54.970000",
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14084"
},
{
"date": "2013-10-25T00:00:00",
"db": "VULHUB",
"id": "VHN-65524"
},
{
"date": "2013-10-28T00:10:00",
"db": "BID",
"id": "63342"
},
{
"date": "2013-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004893"
},
{
"date": "2013-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-613"
},
{
"date": "2024-11-21T01:57:38.030000",
"db": "NVD",
"id": "CVE-2013-5522"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "63342"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Catalyst 3750X Runs on the switch Cisco IOS Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004893"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-613"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.