ID

VAR-201307-0211


CVE

CVE-2013-3426


TITLE

Cisco 9900 IP phones vulnerable to arbitrary file read

Trust: 0.8

sources: JVNDB: JVNDB-2013-003453

DESCRIPTION

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810. The Cisco Unified IP Phones 9900 is an IP telephony device developed by Cisco that provides voice and video functions. Because path values are incompletely filtered, an attacker can submit a file request containing a legal path and obtain any file on the IP phone. An attacker can exploit this issue to download arbitrary files within the context of the device. Information obtained may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCuh52810.

Trust: 2.52

sources: NVD: CVE-2013-3426 // JVNDB: JVNDB-2013-003453 // CNVD: CNVD-2013-10506 // BID: 61330 // VULHUB: VHN-63428

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-10506

AFFECTED PRODUCTS

vendor: cisco, model: unified ip phones 9900 series, scope: eq, version: -

Trust: 1.6

vendor: cisco, model: unified ip phone 9951, scope: eq, version: *

Trust: 1.0

vendor: cisco, model: unified ip phone 9971, scope: eq, version: *

Trust: 1.0

vendor: cisco, model: unified ip phone 9900 series, scope: lte, version: 9.3.2 sr1

Trust: 0.8

vendor: cisco, model: unified ip phone 9951, scope: -, version: -

Trust: 0.8

vendor: cisco, model: unified ip phone 9971, scope: -, version: -

Trust: 0.8

vendor: cisco, model: unified ip phones series, scope: eq, version: 9900

Trust: 0.6

vendor: cisco, model: unified ip phones series sr1, scope: eq, version: 99009.3.2

Trust: 0.3

vendor: cisco, model: unified ip phones series, scope: eq, version: 99009.3

Trust: 0.3

sources: CNVD: CNVD-2013-10506 // BID: 61330 // JVNDB: JVNDB-2013-003453 // CNNVD: CNNVD-201307-406 // NVD: CVE-2013-3426

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3426
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-3426
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-10506
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201307-406
value: MEDIUM

Trust: 0.6

VULHUB: VHN-63428
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-3426
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-10506
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-63428
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-10506 // VULHUB: VHN-63428 // JVNDB: JVNDB-2013-003453 // CNNVD: CNNVD-201307-406 // NVD: CVE-2013-3426

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-63428 // JVNDB: JVNDB-2013-003453 // NVD: CVE-2013-3426

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-406

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201307-406

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003453

PATCH

title: Cisco 9900 Series Phone Arbitrary File Download Vulnerability, url: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3426

Trust: 0.8

title: 30110, url: http://tools.cisco.com/security/center/viewAlert.x?alertId=30110

Trust: 0.8

title: Patch for Cisco Unified IP Phones 9900 Series Free File Download Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/36430

Trust: 0.6

sources: CNVD: CNVD-2013-10506 // JVNDB: JVNDB-2013-003453

EXTERNAL IDS

db: NVD, id: CVE-2013-3426

Trust: 3.4

db: BID, id: 61330

Trust: 1.0

db: JVNDB, id: JVNDB-2013-003453

Trust: 0.8

db: CNNVD, id: CNNVD-201307-406

Trust: 0.7

db: CNVD, id: CNVD-2013-10506

Trust: 0.6

db: CISCO, id: 20130717 CISCO 9900 SERIES PHONE ARBITRARY FILE DOWNLOAD VULNERABILITY

Trust: 0.6

db: VULHUB, id: VHN-63428

Trust: 0.1

sources: CNVD: CNVD-2013-10506 // VULHUB: VHN-63428 // BID: 61330 // JVNDB: JVNDB-2013-003453 // CNNVD: CNNVD-201307-406 // NVD: CVE-2013-3426

REFERENCES

url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3426

Trust: 2.3

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3426

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3426

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:http://tools.cisco.com/security/center/viewalert.x?alertid=30110

Trust: 0.3

url:tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3426

Trust: 0.3

sources: CNVD: CNVD-2013-10506 // VULHUB: VHN-63428 // BID: 61330 // JVNDB: JVNDB-2013-003453 // CNNVD: CNNVD-201307-406 // NVD: CVE-2013-3426

CREDITS

Cisco

Trust: 0.3

sources: BID: 61330

SOURCES

db: CNVD, id: CNVD-2013-10506
db: VULHUB, id: VHN-63428
db: BID, id: 61330
db: JVNDB, id: JVNDB-2013-003453
db: CNNVD, id: CNNVD-201307-406
db: NVD, id: CVE-2013-3426

LAST UPDATE DATE

2025-04-11T23:08:41.609000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2013-10506, date: 2013-07-24T00:00:00
db: VULHUB, id: VHN-63428, date: 2013-07-18T00:00:00
db: BID, id: 61330, date: 2013-07-16T00:00:00
db: JVNDB, id: JVNDB-2013-003453, date: 2013-07-22T00:00:00
db: CNNVD, id: CNNVD-201307-406, date: 2013-07-29T00:00:00
db: NVD, id: CVE-2013-3426, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2013-10506, date: 2013-07-24T00:00:00
db: VULHUB, id: VHN-63428, date: 2013-07-18T00:00:00
db: BID, id: 61330, date: 2013-07-16T00:00:00
db: JVNDB, id: JVNDB-2013-003453, date: 2013-07-22T00:00:00
db: CNNVD, id: CNNVD-201307-406, date: 2013-07-22T00:00:00
db: NVD, id: CVE-2013-3426, date: 2013-07-18T12:51:14.250