Video Surveillance Operations Manager
CVE-2013-3417
MEDIUM
Severity by source
AV:N/AC:L/Au:N/C:P/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:P/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262.
AnalysisAI
The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. The administrative web interface in Cisco Video Surveillance Operations Manager does not properly perform authentication, which allows remote attackers to watch video feeds via a crafted URL, aka Bug ID CSCtg72262. Affected products include: Cisco Video Surveillance Operations Manager.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which
Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to r
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today