CVE-2013-3473

Cisco Prime Central For Hosted Collab... - Authentication Bypass

Title source: rule

Description

The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600.

References (1)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc

Scores

EPSS 0.0027

EPSS Percentile 50.4%

Classification

CWE

CWE-287

Status draft

Affected Products (5)

cisco/prime_central_for_hosted_collaboration_solution_assurance < 9.1

cisco/prime_central_for_hosted_collaboration_solution_assurance

Timeline

Published Sep 20, 2013

Tracked Since Feb 18, 2026