Details of VAR-201308-0087

ID

VAR-201308-0087

CVE

CVE-2013-3390

TITLE

Cisco Prime Central for Hosted Collaboration Solution Assurance Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003867

DESCRIPTION

Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug ID CSCub59158. The Cisco Prime Central for HCS Assurance is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. This issue is being tracked by Cisco Bug ID CSCub59158. Cisco Prime Central for HCS Assurance 9.1 and prior are vulnerable. The platform provides functions such as secure access authentication and real-time fault analysis

Trust: 2.07

sources: NVD: CVE-2013-3390 // JVNDB: JVNDB-2013-003867 // BID: 61914 // VULHUB: VHN-63392 // VULMON: CVE-2013-3390

AFFECTED PRODUCTS

vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.1	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.1.1	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.2	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	prime central for hosted collaboration solution assurance	scope:	eq	version:	9.0	Trust: 1.6
vendor:	cisco	model:	prime central for hcs assurance	scope:	eq	version:	8.6	Trust: 0.8
vendor:	cisco	model:	prime central for hcs assurance	scope:	lt	version:	9.x	Trust: 0.8
vendor:	cisco	model:	prime central for hcs assurance	scope:	eq	version:	9.2(1)	Trust: 0.8

sources: JVNDB: JVNDB-2013-003867 // CNNVD: CNNVD-201308-360 // NVD: CVE-2013-3390

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3390
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-3390
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201308-360
value:	HIGH
Trust: 0.6
VULHUB:	VHN-63392
value:	HIGH
Trust: 0.1
VULMON:	CVE-2013-3390
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-3390
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-63392
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-63392 // VULMON: CVE-2013-3390 // JVNDB: JVNDB-2013-003867 // CNNVD: CNNVD-201308-360 // NVD: CVE-2013-3390

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-63392 // JVNDB: JVNDB-2013-003867 // NVD: CVE-2013-3390

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201308-360

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201308-360

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003867

PATCH

title:	cisco-sa-20130821-hcm	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-hcm	Trust: 0.8
title:	30428	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=30428	Trust: 0.8
title:	cisco-sa-20130821-hcm	url:	http://www.cisco.com/cisco/web/support/JP/111/1119/1119756_cisco-sa-20130821-hcm-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2013-003867

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3390	Trust: 2.9
db:	BID	id:	61914	Trust: 1.0
db:	JVNDB	id:	JVNDB-2013-003867	Trust: 0.8
db:	CNNVD	id:	CNNVD-201308-360	Trust: 0.7
db:	CISCO	id:	20130821 CISCO PRIME CENTRAL FOR HOSTED COLLABORATION SOLUTION ASSURANCE DENIAL OF SERVICE VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-63392	Trust: 0.1
db:	VULMON	id:	CVE-2013-3390	Trust: 0.1

sources: VULHUB: VHN-63392 // VULMON: CVE-2013-3390 // BID: 61914 // JVNDB: JVNDB-2013-003867 // CNNVD: CNNVD-201308-360 // NVD: CVE-2013-3390

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130821-hcm	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3390	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3390	Trust: 0.8
url:	http://www.securityfocus.com/bid/61914	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-63392 // VULMON: CVE-2013-3390 // JVNDB: JVNDB-2013-003867 // CNNVD: CNNVD-201308-360 // NVD: CVE-2013-3390

CREDITS

Cisco

Trust: 0.9

sources: BID: 61914 // CNNVD: CNNVD-201308-360

SOURCES

db:	VULHUB	id:	VHN-63392
db:	VULMON	id:	CVE-2013-3390
db:	BID	id:	61914
db:	JVNDB	id:	JVNDB-2013-003867
db:	CNNVD	id:	CNNVD-201308-360
db:	NVD	id:	CVE-2013-3390

LAST UPDATE DATE

2025-04-11T23:02:57.306000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-63392	date:	2013-08-27T00:00:00
db:	VULMON	id:	CVE-2013-3390	date:	2013-08-27T00:00:00
db:	BID	id:	61914	date:	2013-08-21T00:00:00
db:	JVNDB	id:	JVNDB-2013-003867	date:	2013-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201308-360	date:	2013-08-29T00:00:00
db:	NVD	id:	CVE-2013-3390	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-63392	date:	2013-08-25T00:00:00
db:	VULMON	id:	CVE-2013-3390	date:	2013-08-25T00:00:00
db:	BID	id:	61914	date:	2013-08-21T00:00:00
db:	JVNDB	id:	JVNDB-2013-003867	date:	2013-08-27T00:00:00
db:	CNNVD	id:	CNNVD-201308-360	date:	2013-08-29T00:00:00
db:	NVD	id:	CVE-2013-3390	date:	2013-08-25T03:27:32.577