CVE-2013-1111

2022-10-0316:14:49

CWE-264

[email protected]

web.nvd.nist.gov

cisco

ata 187

analog telephone adaptor

firmware

remote code execution

tcp port 7870

cve-2013-1111

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

7.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038.

Affected configurations

NVD

Node

ciscoata_187_analog_telephone_adaptor_firmwareMatch9.2.1.0

ciscoata_187_analog_telephone_adaptor_firmwareMatch9.2.3.1

AND

ciscoata_187_analog_telephone_adaptorMatch-

CPENameOperatorVersion
cisco:ata_187_analog_telephone_adaptor_firmwarecisco ata 187 analog telephone adaptor firmwareeq9.2.1.0
cisco:ata_187_analog_telephone_adaptor_firmwarecisco ata 187 analog telephone adaptor firmwareeq9.2.3.1
cisco:ata_187_analog_telephone_adaptorcisco ata 187 analog telephone adaptoreq-

CPE	Name	Operator	Version
cisco:ata_187_analog_telephone_adaptor_firmware	cisco ata 187 analog telephone adaptor firmware	eq	9.2.1.0
cisco:ata_187_analog_telephone_adaptor_firmware	cisco ata 187 analog telephone adaptor firmware	eq	9.2.3.1
cisco:ata_187_analog_telephone_adaptor	cisco ata 187 analog telephone adaptor	eq	-