CVE-2009-2977

Published: Aug 27, 2009Modified: Apr 23, 2026

3.3

Vector

AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 6.5 / Impact: 2.9

Source: NVD

Description

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files.

Affected (5)

Products: Cisco: Cs Mars

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Cisco Cs Mars	Up to 6.0.4
Cisco Cs Mars	Version 4.1.2
Cisco Cs Mars	Version 4.1.3
Cisco Cs Mars	Version 4.1.5
Cisco Cs Mars	Version 4.1

Related CWEs

References (12)

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb52450

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/505995/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/505998/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/36098

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/2364

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/52913

Source: cve@mitre.org

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb52450

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/505995/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/505998/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/36098

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/2364

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/52913

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.