Skip to main content

Firewall Services Module Software CVE-2013-5506

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2013-10-13 psirt@cisco.com
6.6
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.6 MEDIUM
AV:L/AC:M/Au:S/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:M/Au:S/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Oct 13, 2013 - 10:20 cve.org
MEDIUM 6.6

DescriptionCVE.org

The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080.

AnalysisAI

The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or. Rated medium severity (CVSS 6.6). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080. Affected products include: Cisco Firewall Services Module Software. Version information: before 3.2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2013-5506 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy