VIR Vulnerability Intelligence Relay

CVE-2013-3429

high
Published 2013-07-25 · Modified 2026-04-29
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130724-vsm

Application impact
VendorProductVersionsFixed
ciscovideo_surveillance_manager{"endIncluding":"6.3.3"}
ciscovideo_surveillance_manager1.1.0
ciscovideo_surveillance_manager1.2.1
ciscovideo_surveillance_manager2.0.0
ciscovideo_surveillance_manager2.1
ciscovideo_surveillance_manager2.1.2
ciscovideo_surveillance_manager2.1.3
ciscovideo_surveillance_manager2.1.4
ciscovideo_surveillance_manager2.1.6
ciscovideo_surveillance_manager2.1.7
ciscovideo_surveillance_manager2.3.0
ciscovideo_surveillance_manager2.3.1
ciscovideo_surveillance_manager4.0.1
ciscovideo_surveillance_manager4.2.0
ciscovideo_surveillance_manager4.2.1
ciscovideo_surveillance_manager6.3
ciscovideo_surveillance_manager6.3.1
ciscovideo_surveillance_manager6.3.2

References

CWEs

CWE-22

Verify integrity in audit chain (admin only). AS-IS.