VAR-201311-0239
Vulnerability from variot - Updated: 2023-12-18 13:57The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382. An attacker with local access could potentially exploit this issue to gain escalated privileges. Successful exploits will completely compromise the affected device. This issue is tracked by Cisco Bug ID CSCui04382. The device provides functions such as voice and video. A local attacker could exploit this vulnerability by mounting the device with a malicious file system to take complete control of the affected device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0239",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unified ip phone",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phone 8961",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified ip phone 9951",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified ip phone 9971",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified ip phone 8961",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phone 9900 series",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "9.4.1"
},
{
"model": "unified ip phone 9951",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phone 9971",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip phones series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9900"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:unified_ip_phone_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_ip_phone_8961:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_ip_phone_9971:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_ip_phone_9951:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6685"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "63687"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6685",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-6685",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CNVD-2013-14476",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"id": "VHN-66687",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6685",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14476",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-202",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-66687",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "VULHUB",
"id": "VHN-66687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382. \nAn attacker with local access could potentially exploit this issue to gain escalated privileges. Successful exploits will completely compromise the affected device. \nThis issue is tracked by Cisco Bug ID CSCui04382. The device provides functions such as voice and video. A local attacker could exploit this vulnerability by mounting the device with a malicious file system to take complete control of the affected device",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "BID",
"id": "63687"
},
{
"db": "VULHUB",
"id": "VHN-66687"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6685",
"trust": 3.4
},
{
"db": "BID",
"id": "63687",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14476",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20131112 CISCO UNIFIED IP PHONE 8900/9900 SERIES INSECURE FILE PERMISSIONS VULNERABILITY",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-91776",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-66687",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "VULHUB",
"id": "VHN-66687"
},
{
"db": "BID",
"id": "63687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"id": "VAR-201311-0239",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "VULHUB",
"id": "VHN-66687"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
}
]
},
"last_update_date": "2023-12-18T13:57:46.276000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Unified IP Phone 8900/9900 Series Insecure File Permissions Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6685"
},
{
"title": "31741",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=31741"
},
{
"title": "Patch for Cisco Unified IP Phone 8900/9900 Series Unsecure File Permission Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41128"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6685"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6685"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6685"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "VULHUB",
"id": "VHN-66687"
},
{
"db": "BID",
"id": "63687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"db": "VULHUB",
"id": "VHN-66687"
},
{
"db": "BID",
"id": "63687"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"date": "2013-11-13T00:00:00",
"db": "VULHUB",
"id": "VHN-66687"
},
{
"date": "2013-11-12T00:00:00",
"db": "BID",
"id": "63687"
},
{
"date": "2013-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"date": "2013-11-13T15:55:04.550000",
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"date": "2013-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14476"
},
{
"date": "2013-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-66687"
},
{
"date": "2013-11-15T00:33:00",
"db": "BID",
"id": "63687"
},
{
"date": "2013-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005111"
},
{
"date": "2013-11-14T19:45:27.820000",
"db": "NVD",
"id": "CVE-2013-6685"
},
{
"date": "2013-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "63687"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified IP phones Vulnerabilities that can be used to acquire privileges in the firmware of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005111"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-202"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…