VIR Vulnerability Intelligence Relay

CVE-2013-3454

critical
Published 2013-08-08 · Modified 2026-04-29
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130807-tp

Application impact
VendorProductVersionsFixed
ciscotelepresence_system_software{"endIncluding":"6.0.3\\(33\\)"}
ciscotelepresence_system_software1.9.0\(46\)
ciscotelepresence_system_software1.9.0.1\(3\)
ciscotelepresence_system_software1.9.1\(68\)
ciscotelepresence_system_software1.9.2
ciscotelepresence_system_software1.9.2\(19\)
ciscotelepresence_system_software1.9.3
ciscotelepresence_system_software1.9.3\(44\)
ciscotelepresence_system_software1.9.4
ciscotelepresence_system_software1.9.4\(19\)
ciscotelepresence_system_software1.9.5
ciscotelepresence_system_software1.9.5\(7\)
ciscotelepresence_system_software1.9.6
ciscotelepresence_system_software1.9.6\(2\)
ciscotelepresence_system_software6.0.0.1\(4\)
ciscotelepresence_system_software6.0.1\(50\)
ciscotelepresence_system_software6.0.2\(28\)
ciscotelepresence_system_software1.2.3
ciscotelepresence_system_software1.2.3\(1101\)
ciscotelepresence_system_software1.3.2
ciscotelepresence_system_software1.3.2\(1393\)
ciscotelepresence_system_software1.4.7
ciscotelepresence_system_software1.4.7\(2229\)
ciscotelepresence_system_software1.5.1
ciscotelepresence_system_software1.5.1\(2082\)
ciscotelepresence_system_software1.5.3
ciscotelepresence_system_software1.5.3\(2115\)
ciscotelepresence_system_software1.5.10
ciscotelepresence_system_software1.5.10\(3648\)
ciscotelepresence_system_software1.5.11
ciscotelepresence_system_software1.5.11\(3659\)
ciscotelepresence_system_software1.5.12
ciscotelepresence_system_software1.5.12\(3701\)
ciscotelepresence_system_software1.5.13
ciscotelepresence_system_software1.5.13\(3717\)
ciscotelepresence_system_software1.6.0
ciscotelepresence_system_software1.6.0\(3954\)
ciscotelepresence_system_software1.6.1
ciscotelepresence_system_software1.6.2
ciscotelepresence_system_software1.6.2\(4023\)
ciscotelepresence_system_software1.6.3
ciscotelepresence_system_software1.6.3\(4042\)
ciscotelepresence_system_software1.6.4
ciscotelepresence_system_software1.6.4\(4072\)
ciscotelepresence_system_software1.6.5
ciscotelepresence_system_software1.6.5\(4097\)
ciscotelepresence_system_software1.6.6
ciscotelepresence_system_software1.6.6\(4109\)
ciscotelepresence_system_software1.6.7
ciscotelepresence_system_software1.6.7\(4212\)
ciscotelepresence_system_software1.6.8
ciscotelepresence_system_software1.6.8\(4222\)
ciscotelepresence_system_software1.7.0.1\(4764\)
ciscotelepresence_system_software1.7.0.2\(4719\)
ciscotelepresence_system_software1.7.1\(4864\)
ciscotelepresence_system_software1.7.2\(4937\)
ciscotelepresence_system_software1.7.2.1\(2\)
ciscotelepresence_system_software1.7.4\(270\)
ciscotelepresence_system_software1.7.5\(42\)
ciscotelepresence_system_software1.7.6\(4\)
ciscotelepresence_system_software1.8.0\(55\)
ciscotelepresence_system_software1.8.1\(34\)
ciscotelepresence_system_software1.8.2\(11\)
ciscotelepresence_system_software1.8.3\(4\)
ciscotelepresence_system_software1.10.0

References

CWEs

CWE-255

Verify integrity in audit chain (admin only). AS-IS.