CVE-2013-7030 - OpenCVE

The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Unified Communications Manager

Configuration 1 [-]

cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*

References

Link	Resource
http://osvdb.org/100916
http://www.exploit-db.com/exploits/30237/	Exploit VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/89649

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2013-12-12T17:00:00

Updated: 2024-06-18T18:48:18.452Z

Reserved: 2013-12-09T00:00:00

Link: CVE-2013-7030

JSON object: View

NVD Information

Status : Modified

Published: 2013-12-12T17:55:03.783

Modified: 2024-06-18T19:15:53.980

Link: CVE-2013-7030

JSON object: View

Redhat Information

No data.

CWE

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30237", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/30237/"}, {"name": "cisco-ucm-tftp-info-disc(89649)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89649"}, {"name": "100916", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/100916"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7030", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30237", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/30237/"}, {"name": "cisco-ucm-tftp-info-disc(89649)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89649"}, {"name": "100916", "refsource": "OSVDB", "url": "http://osvdb.org/100916"}]}}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-18T18:48:10.509536Z", "id": "CVE-2013-7030", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-18T18:48:18.452Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7030", "datePublished": "2013-12-12T17:00:00", "dateReserved": "2013-12-09T00:00:00", "dateUpdated": "2024-06-18T18:48:18.452Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D51B262-3855-4384-A0EA-FE115D544953", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue"}, {"lang": "es", "value": "EN DISPUTA ** ** El servicio TFTP en Cisco Unified Communications Manager (tambi\u00e9n conocido como CUCM o Unified CM) permite a atacantes remotos obtener informaci\u00f3n sensible de un tel\u00e9fono a trav\u00e9s de una operaci\u00f3n RRQ, como lo demuestra el descubrimiento de un campo UseUserCredential texto plano en un fichero SPDefault.cnf.xml . NOTA: el vendedor , discute la importancia de este informe, afirmando que se trata de un comportamiento predeterminado se esperaba, y que en la documentaci\u00f3n del producto se describe el uso de la opci\u00f3n TFTP cifrados Config para tratar este asunto."}], "id": "CVE-2013-7030", "lastModified": "2024-06-18T19:15:53.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-12-12T17:55:03.783", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/100916"}, {"source": "cve@mitre.org", "tags": ["Exploit", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/30237/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89649"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}