CVE-2013-1111

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-1111
The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038.

9.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:C

Exploitability : 10.0 / Impact : 8.5

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact COMPLETE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130206-ata187 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:ata_187_analog_telephone_adaptor_firmware:9.2.1.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ata_187_analog_telephone_adaptor_firmware:9.2.3.1:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ata_187_analog_telephone_adaptor:-:*:*:*:*:*:*:*
Information

Published : 2013-02-13 15:55

Updated : 2013-02-13 21:00

NVD link : CVE-2013-1111

Mitre link : CVE-2013-1111

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

cisco

  • ata_187_analog_telephone_adaptor
  • ata_187_analog_telephone_adaptor_firmware