VAR-201702-0816
Vulnerability from variot - Updated: 2023-12-18 12:04A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco TelePresence MCU platforms TelePresence MCU 5300 Series, TelePresence MCU MSE 8510 and TelePresence MCU 4500 are affected when running software version 4.3(1.68) or later configured for Passthrough content mode. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available, but mitigations are available. Cisco Bug IDs: CSCuu67675. Cisco TelePresence Multipoint Control Unit is prone to a remote code-execution vulnerability. Failed attempts will likely result in denial-of-service conditions. Cisco TelePresence Server is a set of video conferencing solutions called "TelePresence" system of Cisco (Cisco). Mobility Services Engine (MSE) is a set of platforms (mobile service engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. 8710 Processors is one of those processes. Cisco TelePresence Software is one of the video conferencing software running on Cisco TelePresence Server. The solution provides components such as audio and video spaces, which can provide remote participants with a "face-to-face" virtual meeting room effect. kernel is one of the kernel components. The vulnerability is caused by the program not checking the packet size
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0816",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.3_\\(2.18\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.4_\\(3.57\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.3_\\(2.32\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.3_\\(2.30\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.4_\\(3.49\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.4_\\(3.42\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.5_\\(1.72\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.4_\\(3.54\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.5_\\(1.71\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.3_\\(1.68\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.4_\\(3.67\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.5_\\(1.45\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.5_\\(1.55\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.5_\\(1.85\\)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.3 (1.68)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.3 (2.18)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.3 (2.30)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.3 (2.32)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.4 (3.42)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.4 (3.49)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.4 (3.54)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.4 (3.57)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.4 (3.67)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5 (1.45)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5 (1.55)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5 (1.71)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5 (1.72)"
},
{
"model": "telepresence mcu software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.5 (1.85)"
},
{
"model": "telepresence mcu mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85104.3(1.68)"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53004.3(1.68)"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45004.3(1.68)"
}
],
"sources": [
{
"db": "BID",
"id": "95787"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4_\\(3.57\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4_\\(3.54\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.5_\\(1.72\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.5_\\(1.71\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4_\\(3.49\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4_\\(3.42\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.5_\\(1.85\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.5_\\(1.55\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3_\\(2.32\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3_\\(2.30\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.5_\\(1.45\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.4_\\(3.67\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3_\\(2.18\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:telepresence_mcu_software:4.3_\\(1.68\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_4520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_4515:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_4505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_4510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_mse_8510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_5310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:telepresence_mcu_5320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3792"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95787"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3792",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-3792",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-111995",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-3792",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3792",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-066",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111995",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3792",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system. Cisco TelePresence MCU platforms TelePresence MCU 5300 Series, TelePresence MCU MSE 8510 and TelePresence MCU 4500 are affected when running software version 4.3(1.68) or later configured for Passthrough content mode. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available, but mitigations are available. Cisco Bug IDs: CSCuu67675. Cisco TelePresence Multipoint Control Unit is prone to a remote code-execution vulnerability. Failed attempts will likely result in denial-of-service conditions. Cisco TelePresence Server is a set of video conferencing solutions called \"TelePresence\" system of Cisco (Cisco). Mobility Services Engine (MSE) is a set of platforms (mobile service engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. 8710 Processors is one of those processes. Cisco TelePresence Software is one of the video conferencing software running on Cisco TelePresence Server. The solution provides components such as audio and video spaces, which can provide remote participants with a \"face-to-face\" virtual meeting room effect. kernel is one of the kernel components. The vulnerability is caused by the program not checking the packet size",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "BID",
"id": "95787"
},
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "VULMON",
"id": "CVE-2017-3792"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3792",
"trust": 2.9
},
{
"db": "BID",
"id": "95787",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1037698",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-111995",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3792",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"db": "BID",
"id": "95787"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"id": "VAR-201702-0816",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-111995"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:04:37.866000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170125-telepresence",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170125-telepresence"
},
{
"title": "Multiple Cisco product Cisco TelePresence Software Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67452"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-critical-flaw-in-teleconferencing-gear/123435/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170125-telepresence"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/95787"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1037698"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3792"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3792"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/cisco-telepresence-cve-2017-3792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-critical-flaw-in-teleconferencing-gear/123435/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"db": "BID",
"id": "95787"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-111995"
},
{
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"db": "BID",
"id": "95787"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-01T00:00:00",
"db": "VULHUB",
"id": "VHN-111995"
},
{
"date": "2017-02-01T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"date": "2017-01-25T00:00:00",
"db": "BID",
"id": "95787"
},
{
"date": "2017-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"date": "2017-02-01T19:59:00.267000",
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"date": "2017-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-111995"
},
{
"date": "2017-07-26T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3792"
},
{
"date": "2017-02-02T04:02:00",
"db": "BID",
"id": "95787"
},
{
"date": "2017-02-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001401"
},
{
"date": "2017-07-26T01:29:05.620000",
"db": "NVD",
"id": "CVE-2017-3792"
},
{
"date": "2017-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco TelePresence MCU Software kernel proprietary device driver arbitrary code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-066"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…