Unrated severityNVD Advisory· Published Jun 30, 2013· Updated Apr 29, 2026

CVE-2013-4732

Description

The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU#662676 states "Monroe Electronics could not reproduce this finding.

Affected products

Digital Alert Systems/Dasdec Eas3 versions
cpe:2.3:h:digital_alert_systems:dasdec_eas:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:digital_alert_systems:dasdec_eas:*:*:*:*:*:*:*:*range: <=2.0-2
- cpe:2.3:h:digital_alert_systems:dasdec_eas:2.0-0:*:*:*:*:*:*:*
- cpe:2.3:h:digital_alert_systems:dasdec_eas:2.0-1:*:*:*:*:*:*:*
Monroe Electronics/R189 One Net Eas3 versions
cpe:2.3:h:monroe_electronics:r189_one-net_eas:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:monroe_electronics:r189_one-net_eas:*:*:*:*:*:*:*:*range: <=2.0-2
- cpe:2.3:h:monroe_electronics:r189_one-net_eas:2.0-0:*:*:*:*:*:*:*
- cpe:2.3:h:monroe_electronics:r189_one-net_eas:2.0-1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfnvdVendor Advisory
www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-PR.pdfnvdVendor Advisory
www.kb.cert.org/vuls/id/662676nvdUS Government Resource
www.kb.cert.org/vuls/id/AAMN-98MU7HnvdUS Government Resource
www.kb.cert.org/vuls/id/AAMN-98MUK2nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000