Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-7030

EPSS 10.27% · P93
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-7030

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Unified Communications Manager 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。 Cisco Unified Communications Manager中的TFTP服务存在加密问题漏洞。远程攻击者可利用该漏洞获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2013-7030

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2013-7030

登录查看更多情报信息。

Same Patch Batch · n/a · 2013-12-12 · 17 CVEs total

CVE-2013-5763Oracle Fusion Middleware Outside In Maintenance子组件安全漏洞
CVE-2011-4971memcached 远程拒绝服务漏洞
CVE-2013-1447OpenJPEG 拒绝服务漏洞
CVE-2013-1812Ruby ruby-openid Gem 拒绝服务漏洞
CVE-2013-1913GIMP 输入验证错误漏洞
CVE-2013-1978GIMP 缓冲区错误漏洞
CVE-2013-2751NETGEAR ReadyNAS RAIDiator eval注入漏洞
CVE-2013-2752NETGEAR ReadyNAS RAIDiator 跨站请求伪造漏洞
CVE-2013-4458GNU C Library 缓冲区错误漏洞
CVE-2013-4566mod_nss 权限许可和访问控制漏洞
CVE-2013-6045OpenJPEG 基于堆的缓冲区错误漏洞
CVE-2013-6052OpenJPEG 信息泄露漏洞
CVE-2013-6054OpenJPEG 基于堆的缓冲区错误漏洞
CVE-2013-6421Ruby Gem Sprout ‘unpack_zip()’函数远程命令注入漏洞
CVE-2013-6810EMC Connectrix Manager Converged Network Edition 远程代码执行漏洞
CVE-2013-6986ZippyYum Subway CA Kiosk App for iOS 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2013-7030

No comments yet

Leave a comment