Vulnerability-Lookup

CVE-2013-5558 (GCVE-0-2013-5558)

Vulnerability from cvelistv5 – Published: 2013-11-08 02:00 – Updated: 2024-09-16 22:45

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

VAR-201311-0298

Vulnerability from variot - Updated: 2025-04-11 23:19

The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238. Vendors have confirmed this vulnerability Bug ID CSCuj17238 It is released as.A third party may gain access through the administration interface. Exploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions on the device running the vulnerable application. This issue is being tracked by Cisco Bug ID CSCuj17238. The system can provide remote diagnosis, virtual nursing, medical education and other functions through high-definition video. The vulnerability is caused by an error in the program's handling of administrative passwords. When the system is restarted, the software resets the admin password to an empty password. An attacker could exploit this vulnerability to gain administrative privileges by logging into the management interface

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201311-0298",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "telepresence vx clinical assistant",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "1.2"
      },
      {
        "model": "telepresence vx clinical assistant",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.2"
      },
      {
        "model": "telepresence vx clinical assistant",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.21"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:telepresence_vx_clinical_assistant",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "63552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-5558",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2013-5558",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-65560",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-5558",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-5558",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201311-098",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-65560",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238. Vendors have confirmed this vulnerability Bug ID CSCuj17238 It is released as.A third party may gain access through the administration interface. \nExploiting this issue could  allow an attacker to bypass certain  security  restrictions and perform unauthorized actions on the device  running the vulnerable application. \nThis issue is being tracked by Cisco Bug ID CSCuj17238. The system can provide remote diagnosis, virtual nursing, medical education and other functions through high-definition video. The vulnerability is caused by an error in the program\u0027s handling of administrative passwords. When the system is restarted, the software resets the admin password to an empty password. An attacker could exploit this vulnerability to gain administrative privileges by logging into the management interface",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "BID",
        "id": "63552"
      },
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-5558",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "63552",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "25227",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20131106 CISCO TELEPRESENCE VX CLINICAL ASSISTANT ADMINISTRATIVE PASSWORD RESET VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-65560",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "db": "BID",
        "id": "63552"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "id": "VAR-201311-0298",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-11T23:19:27.211000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20131106-tvxca",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
      },
      {
        "title": "31571",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31571"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131106-tvxca"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5558"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5558"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/63552"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/25227"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "db": "BID",
        "id": "63552"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "db": "BID",
        "id": "63552"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "date": "2013-11-06T00:00:00",
        "db": "BID",
        "id": "63552"
      },
      {
        "date": "2013-11-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "date": "2013-11-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "date": "2013-11-08T04:47:23.040000",
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-65560"
      },
      {
        "date": "2013-11-06T00:00:00",
        "db": "BID",
        "id": "63552"
      },
      {
        "date": "2013-11-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      },
      {
        "date": "2013-11-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2013-5558"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco TelePresence VX Clinical Assistant of  WIL-A Module access vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005052"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201311-098"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2013-5558

Vulnerability from fkie_nvd - Published: 2013-11-08 04:47 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	telepresence_vx_clinical_assistant	1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_vx_clinical_assistant:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB9D3EC-49EE-442E-9C22-22C3A5F6AFD3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo WIL-A en Cisco TelePresence VX Clinical Assistant 1.2 anterior a la versi\u00f3n 1.21 cambia la contrase\u00f1a de administrador por una en blanco al reiniciar el sistema, lo que hace m\u00e1s sencillo a atacantes remotos obtener acceso a trav\u00e9s de la interfaz administrativa, tambi\u00e9n conocido como Bug ID CSCuj17238."
    }
  ],
  "id": "CVE-2013-5558",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-08T04:47:23.040",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6CG3-M5C8-XGWX

Vulnerability from github – Published: 2022-05-17 04:58 – Updated: 2022-05-17 04:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-5558"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-08T04:47:00Z",
    "severity": "HIGH"
  },
  "details": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.",
  "id": "GHSA-6cg3-m5c8-xgwx",
  "modified": "2022-05-17T04:58:10Z",
  "published": "2022-05-17T04:58:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5558"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2013-AVI-620

Vulnerability from certfr_avis - Published: 2013-11-07 - Updated: 2013-11-07

Une vulnérabilité a été corrigée dans Cisco TelePresence VX Clinical Assistant. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2013-5558

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-5558

Aliases

CVE-2013-5558

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-5558",
    "description": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.",
    "id": "GSD-2013-5558"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-5558"
      ],
      "details": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.",
      "id": "GSD-2013-5558",
      "modified": "2023-12-13T01:22:21.658638Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2013-5558",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20131106 Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:telepresence_vx_clinical_assistant:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2013-5558"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20131106 Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-11-08T18:43Z",
      "publishedDate": "2013-11-08T04:47Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-5558 (GCVE-0-2013-5558)

VAR-201311-0298

FKIE_CVE-2013-5558

GHSA-6CG3-M5C8-XGWX

CERTA-2013-AVI-620

Solution

GSD-2013-5558

Tags

Sightings

Nomenclature