VAR-201302-0170
Vulnerability from variot - Updated: 2025-04-11 23:15The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038. The problem is Bug ID CSCtz67038 It is a problem.An operating system command may be executed by a third party. Cisco ATA-187 is prone to a security-bypass vulnerability because it allows attackers to gain unauthorized access to the device. This issue is being tracked by Cisco Bug ID CSCtz67038. An attacker can exploit this issue to view and modify the configuration of an affected device, thereby aiding in further attacks. A remote attacker could exploit this vulnerability to execute operating system commands by including a vector sent by a session on TCP port 7870
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "9.2.1.0"
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "lt",
"trust": 1.6,
"vendor": "cisco",
"version": "9.2.3.1"
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.2.3.1"
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "firmware 9.2.1.0"
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "es build 4"
},
{
"model": "ata 187 analog telephone adaptor",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "firmware es build 4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:ata_187_analog_telephone_adaptor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ata_187_analog_telephone_adaptor_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "57782"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
}
],
"trust": 0.9
},
"cve": "CVE-2013-1111",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-1111",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-61113",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-1111",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-1111",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-131",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-61113",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61113"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038. The problem is Bug ID CSCtz67038 It is a problem.An operating system command may be executed by a third party. Cisco ATA-187 is prone to a security-bypass vulnerability because it allows attackers to gain unauthorized access to the device. \nThis issue is being tracked by Cisco Bug ID CSCtz67038. \nAn attacker can exploit this issue to view and modify the configuration of an affected device, thereby aiding in further attacks. A remote attacker could exploit this vulnerability to execute operating system commands by including a vector sent by a session on TCP port 7870",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1111"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "BID",
"id": "57782"
},
{
"db": "VULHUB",
"id": "VHN-61113"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1111",
"trust": 2.8
},
{
"db": "BID",
"id": "57782",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20130206 CISCO ATA 187 ANALOG TELEPHONE ADAPTOR REMOTE ACCESS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-61113",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61113"
},
{
"db": "BID",
"id": "57782"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"id": "VAR-201302-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61113"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:15:27.061000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20130206-ata187",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130206-ata187"
},
{
"title": "cisco-sa-20130206-ata187",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/111/1117/1117120_cisco-sa-20130206-ata187-j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61113"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130206-ata187"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1111"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1111"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/57782"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61113"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61113"
},
{
"db": "BID",
"id": "57782"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-61113"
},
{
"date": "2013-02-06T00:00:00",
"db": "BID",
"id": "57782"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"date": "2013-02-13T23:55:01.180000",
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-14T00:00:00",
"db": "VULHUB",
"id": "VHN-61113"
},
{
"date": "2013-02-07T17:11:00",
"db": "BID",
"id": "57782"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001568"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-131"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-1111"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ATA 187 Analog Telephone Adaptor Vulnerable to operating system command execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001568"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-131"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…