CVE-2013-6978

medium

Cisco

CVSS v3 Base Score

4.0

AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS Score

0.5%

Exploitation probability in 30 days

Top 34% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: December 21, 2013 (4526 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249.

CWE

CWE-200

Affected Products

cisco unified communications manager

References

🔗 osvdb.org 🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com

CVE-2013-6978

Vulnerability Report

Description

CWE

Affected Products

References