Lucene search

[email protected]CVE-2002-2037

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2037

2022-10-0316:23:50

[email protected]

web.nvd.nist.gov

cisco

mgc

sc2200

vsc3000

pgw 2200

bams

vspt

solaris

vulnerabilities

exploit

security patches

nvd

cve-2002-2037

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.1%

JSON

The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.

Affected configurations

NVD

Node

ciscobams

ciscopgw_2200Range≤9.1

ciscosc2200Range≤7.4

ciscovsc3000Range≤9.1

ciscovspt

CPENameOperatorVersion
cisco:bamscisco bamseq*
cisco:pgw_2200cisco pgw 2200le9.1
cisco:sc2200cisco sc2200le7.4
cisco:vsc3000cisco vsc3000le9.1
cisco:vsptcisco vspteq*

CPE	Name	Operator	Version
cisco:bams	cisco bams	eq	*
cisco:pgw_2200	cisco pgw 2200	le	9.1
cisco:sc2200	cisco sc2200	le	7.4
cisco:vsc3000	cisco vsc3000	le	9.1
cisco:vspt	cisco vspt	eq	*

References

www.cisco.com/warp/public/707/Solaris-for-MGC-pub.shtml

www.iss.net/security_center/static/7912.php

www.securityfocus.com/bid/3897

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.1%

JSON

Related for CVE-2002-2037

nvd1 cisco1 cvelist1