Details of VAR-201308-0086

ID

VAR-201308-0086

CVE

CVE-2013-3389

TITLE

Cisco Prime Central for Hosted Collaboration Solution Assurance Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003866

DESCRIPTION

Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port (1) 61615 or (2) 61616, aka Bug ID CSCtz90114. Successfully exploiting this issue allows remote attackers to consume excessive memory resources, potentially denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtz90114. The platform provides functions such as secure access authentication and real-time fault analysis

Trust: 1.98

sources: NVD: CVE-2013-3389 // JVNDB: JVNDB-2013-003866 // BID: 61912 // VULHUB: VHN-63391

AFFECTED PRODUCTS

vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.1	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.1.1	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.2	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.0	Trust: 1.6
vendor:	cisco	model:	prime central for hcs assurance	scope:	eq	version:	8.6	Trust: 0.8
vendor:	cisco	model:	prime central for hcs assurance	scope:	lt	version:	9.x	Trust: 0.8
vendor:	cisco	model:	prime central for hcs assurance	scope:	eq	version:	9.2(1)	Trust: 0.8

sources: JVNDB: JVNDB-2013-003866 // CNNVD: CNNVD-201308-358 // NVD: CVE-2013-3389

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3389
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-3389
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201308-358
value:	HIGH
Trust: 0.6
VULHUB:	VHN-63391
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-3389
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-63391
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-63391 // JVNDB: JVNDB-2013-003866 // CNNVD: CNNVD-201308-358 // NVD: CVE-2013-3389

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-63391 // JVNDB: JVNDB-2013-003866 // NVD: CVE-2013-3389

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201308-358

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201308-358

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003866

PATCH

title:	cisco-sa-20130821-hcm	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm	Trust: 0.8
title:	30429	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=30429	Trust: 0.8
title:	cisco-sa-20130821-hcm	url:	http://www.cisco.com/cisco/web/support/JP/111/1119/1119756_cisco-sa-20130821-hcm-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2013-003866

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3389	Trust: 2.8
db:	BID	id:	61912	Trust: 1.0
db:	JVNDB	id:	JVNDB-2013-003866	Trust: 0.8
db:	CNNVD	id:	CNNVD-201308-358	Trust: 0.7
db:	CISCO	id:	20130821 CISCO PRIME CENTRAL FOR HOSTED COLLABORATION SOLUTION ASSURANCE DENIAL OF SERVICE VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-63391	Trust: 0.1

sources: VULHUB: VHN-63391 // BID: 61912 // JVNDB: JVNDB-2013-003866 // CNNVD: CNNVD-201308-358 // NVD: CVE-2013-3389

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130821-hcm	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3389	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3389	Trust: 0.8
url:	http://www.securityfocus.com/bid/61912	Trust: 0.6

sources: VULHUB: VHN-63391 // JVNDB: JVNDB-2013-003866 // CNNVD: CNNVD-201308-358 // NVD: CVE-2013-3389

CREDITS

Cisco

Trust: 0.9

sources: BID: 61912 // CNNVD: CNNVD-201308-358

SOURCES

db:	VULHUB	id:	VHN-63391
db:	BID	id:	61912
db:	JVNDB	id:	JVNDB-2013-003866
db:	CNNVD	id:	CNNVD-201308-358
db:	NVD	id:	CVE-2013-3389

LAST UPDATE DATE

2025-04-11T23:02:57.276000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-63391	date:	2013-08-27T00:00:00
db:	BID	id:	61912	date:	2013-08-21T00:00:00
db:	JVNDB	id:	JVNDB-2013-003866	date:	2013-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201308-358	date:	2013-08-29T00:00:00
db:	NVD	id:	CVE-2013-3389	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-63391	date:	2013-08-25T00:00:00
db:	BID	id:	61912	date:	2013-08-21T00:00:00
db:	JVNDB	id:	JVNDB-2013-003866	date:	2013-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201308-358	date:	2013-08-29T00:00:00
db:	NVD	id:	CVE-2013-3389	date:	2013-08-25T03:27:32.560