6.8

CVE-2009-2046

EPSS 0.22%
Veröffentlicht 25.06.2009 01:30:01
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Video Surveillance 2500 Series Ip Camera Version <= 2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.22%	0.413

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8	6.9	AV:N/AC:L/Au:S/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080ad1002.html

http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml

Patch

Vendor Advisory

http://www.securityfocus.com/bid/35478

http://www.securitytracker.com/id?1022445

https://nvd.nist.gov/vuln/detail/CVE-2009-2046

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-2046

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-2046

EUVD