VAR-200212-0104
Vulnerability from variot - Updated: 2025-04-03 22:38The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. The Cisco Media Gateway Controller (MGC) product is based on Sun's Solaris operating system version 2.6. There are a number of unpatched Solaris vulnerabilities present by default in Solaris that may be exploited to compromise the device. Cisco has made patches available for MGC systems that correct the Solaris vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0104",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vsc3000",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "pgw 2200",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "sc2200",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "vspt",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "bams",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "pgw 2200",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "sc2200",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "vspt",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "vsc3000",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "bams",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "voice services provisioning tool",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual switch controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "signaling controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "pgw2200 pstn gateway",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "billing and management server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "3897"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PSIRT\u203b psirt@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2037",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2037",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6420",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2037",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-782",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6420",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. The Cisco Media Gateway Controller (MGC) product is based on Sun\u0027s Solaris operating system version 2.6. \nThere are a number of unpatched Solaris vulnerabilities present by default in Solaris that may be exploited to compromise the device. \nCisco has made patches available for MGC systems that correct the Solaris vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2037"
},
{
"db": "BID",
"id": "3897"
},
{
"db": "VULHUB",
"id": "VHN-6420"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3897",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2037",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782",
"trust": 0.7
},
{
"db": "XF",
"id": "7912",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "2144",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020116 HARDENING OF SOLARIS OS FOR MGC",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6420",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6420"
},
{
"db": "BID",
"id": "3897"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"id": "VAR-200212-0104",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6420"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:38:26.394000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/solaris-for-mgc-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3897"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/7912.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/2144"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html"
},
{
"trust": 0.3,
"url": "http://www.cert.org/security-improvement/modules/m09.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6420"
},
{
"db": "BID",
"id": "3897"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6420"
},
{
"db": "BID",
"id": "3897"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6420"
},
{
"date": "2002-01-16T00:00:00",
"db": "BID",
"id": "3897"
},
{
"date": "2002-01-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6420"
},
{
"date": "2002-01-16T00:00:00",
"db": "BID",
"id": "3897"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-782"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Solaris Vulnerability threat Cisco Media Gateway Controller Safety",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "wrong environmental conditions",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-782"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…