Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-7030
HistoryDec 12, 2013 - 5:55 p.m.

CVE-2013-7030

2013-12-1217:55:03
CWE-310
[email protected]
web.nvd.nist.gov
20
cisco
unified communications manager
cucm
tftp service
vulnerability
cve-2013-7030
nvd
information security

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.563 Medium

EPSS

Percentile

97.7%

JSON

The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product’s documentation describes use of the TFTP Encrypted Config option in addressing this issue

Affected configurations

NVD
Node
ciscounified_communications_manager

Related

prion 1
cvelist 1
vulnrichment 1
nvd 1
prion
prion
Design/Logic Flaw
2013-12-12 17:55:00
cvelist
cvelist
CVE-2013-7030
2013-12-12 17:00:00
vulnrichment
vulnrichment
CVE-2013-7030
2013-12-12 17:00:00
nvd
nvd
CVE-2013-7030
2013-12-12 17:55:03

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.563 Medium

EPSS

Percentile

97.7%

JSON
Related for CVE-2013-7030
prion1cvelist1vulnrichment1nvd1