VAR-201311-0298
Vulnerability from variot - Updated: 2025-04-11 23:19The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238. Vendors have confirmed this vulnerability Bug ID CSCuj17238 It is released as.A third party may gain access through the administration interface. Exploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions on the device running the vulnerable application. This issue is being tracked by Cisco Bug ID CSCuj17238. The system can provide remote diagnosis, virtual nursing, medical education and other functions through high-definition video. The vulnerability is caused by an error in the program's handling of administrative passwords. When the system is restarted, the software resets the admin password to an empty password. An attacker could exploit this vulnerability to gain administrative privileges by logging into the management interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telepresence vx clinical assistant",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "telepresence vx clinical assistant",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "telepresence vx clinical assistant",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.21"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:telepresence_vx_clinical_assistant",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "63552"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
}
],
"trust": 0.9
},
"cve": "CVE-2013-5558",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-5558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-65560",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5558",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-5558",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-098",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-65560",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65560"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238. Vendors have confirmed this vulnerability Bug ID CSCuj17238 It is released as.A third party may gain access through the administration interface. \nExploiting this issue could allow an attacker to bypass certain security restrictions and perform unauthorized actions on the device running the vulnerable application. \nThis issue is being tracked by Cisco Bug ID CSCuj17238. The system can provide remote diagnosis, virtual nursing, medical education and other functions through high-definition video. The vulnerability is caused by an error in the program\u0027s handling of administrative passwords. When the system is restarted, the software resets the admin password to an empty password. An attacker could exploit this vulnerability to gain administrative privileges by logging into the management interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5558"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "BID",
"id": "63552"
},
{
"db": "VULHUB",
"id": "VHN-65560"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5558",
"trust": 2.8
},
{
"db": "BID",
"id": "63552",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "25227",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20131106 CISCO TELEPRESENCE VX CLINICAL ASSISTANT ADMINISTRATIVE PASSWORD RESET VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-65560",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65560"
},
{
"db": "BID",
"id": "63552"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"id": "VAR-201311-0298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-65560"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:19:27.211000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20131106-tvxca",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca"
},
{
"title": "31571",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31571"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65560"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131106-tvxca"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5558"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5558"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/63552"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/25227"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65560"
},
{
"db": "BID",
"id": "63552"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-65560"
},
{
"db": "BID",
"id": "63552"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-65560"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63552"
},
{
"date": "2013-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"date": "2013-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"date": "2013-11-08T04:47:23.040000",
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-65560"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63552"
},
{
"date": "2013-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005052"
},
{
"date": "2013-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-098"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5558"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco TelePresence VX Clinical Assistant of WIL-A Module access vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005052"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-098"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…