CVE-2013-2680 - Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to

CVE-2013-2680

Summary

Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information.

References

Vulnerable Configurations

cpe:2.3:o:cisco:linksys_e4200_firmware:1.0.05:*:*:*:*:*:*:*
cpe:2.3:o:cisco:linksys_e4200_firmware:1.0.05:*:*:*:*:*:*:*
cpe:2.3:h:cisco:linksys_e4200:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:linksys_e4200:-:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	59712
misc	http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html
xf	84073

Last major update

07-02-2020 - 13:14

Published

05-02-2020 - 21:15

Last modified

07-02-2020 - 13:14