CVE-2013-3409
First published: Thu Oct 10 2013(Updated: )
The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak file permissions to read these files, aka Bug IDs CSCuh33735 and CSCuh34230.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Central for Hosted Collaboration Solution |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-3409?
CVE-2013-3409 is considered a medium severity vulnerability due to its potential exposure of sensitive information.
How do I fix CVE-2013-3409?
To fix CVE-2013-3409, ensure that temporary files do not contain cleartext credentials and adjust file permissions appropriately.
Who is affected by CVE-2013-3409?
CVE-2013-3409 affects users of Cisco Prime Central for Hosted Collaboration Solution.
What risks are associated with CVE-2013-3409?
The primary risk of CVE-2013-3409 is that local users can access sensitive credentials through weak file permissions.
When was CVE-2013-3409 disclosed?
CVE-2013-3409 was disclosed in 2013.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- vendor/cisco
- canonical/cisco prime central for hosted collaboration solution