CVE-2013-5533

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-5533
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.

6.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 1.5 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5533 Vendor Advisory
http://www.securityfocus.com/bid/62943 Third Party Advisory VDB Entry
http://osvdb.org/98337
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:unified_ip_phones_9900_series_firmware:-:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:unified_ip_phone_9971:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_ip_phone_9951:*:*:*:*:*:*:*:*
Information

Published : 2013-10-10 20:54

Updated : 2016-09-22 10:46

NVD link : CVE-2013-5533

Mitre link : CVE-2013-5533

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

cisco

  • unified_ip_phone_9951
  • unified_ip_phones_9900_series_firmware
  • unified_ip_phone_9971