ID
VAR-201205-0414
CVE
CVE-2012-1328
TITLE
Cisco Unified IP Phones 9900 Vulnerability gained in the firmware of series firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2012-002233
DESCRIPTION
Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237. The problem is Bug ID CSCts32237 It is a problem.Local users may be able to gain privileges via unspecified insertion data
Trust: 1.98
sources:
NVD: CVE-2012-1328 //
JVNDB: JVNDB-2012-002233 //
BID: 78228 //
VULHUB: VHN-54609
AFFECTED PRODUCTS
| vendor: | cisco | model: | unified ip phone | scope: | eq | version: | 9.2 | Trust: 2.7 |
| vendor: | cisco | model: | unified ip phone | scope: | eq | version: | 9.1 | Trust: 2.7 |
| vendor: | cisco | model: | unified ip phone | scope: | eq | version: | 9900 | Trust: 1.6 |
| vendor: | cisco | model: | unified ip phone | scope: | eq | version: | 9900 series | Trust: 0.8 |
| vendor: | cisco | model: | unified ip phones | scope: | eq | version: | 9900 | Trust: 0.3 |
sources:
BID: 78228 //
JVNDB: JVNDB-2012-002233 //
CNNVD: CNNVD-201205-076 //
NVD: CVE-2012-1328
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
VULHUB: VHN-54609 //
JVNDB: JVNDB-2012-002233 //
CNNVD: CNNVD-201205-076 //
NVD: CVE-2012-1328
PROBLEMTYPE DATA
| problemtype: | CWE-94 | Trust: 1.9 |
sources:
VULHUB: VHN-54609 //
JVNDB: JVNDB-2012-002233 //
NVD: CVE-2012-1328
THREAT TYPE
local
Trust: 0.9
sources:
BID: 78228 //
CNNVD: CNNVD-201205-076
TYPE
code injection
Trust: 0.6
sources:
CNNVD: CNNVD-201205-076
CONFIGURATIONS
sources:
JVNDB: JVNDB-2012-002233
PATCH
| title: | Cisco Unified IP Phones 8961, 9951, and 9971(SIP) Release Notes for Firmware Release 9.2(3) | url: | http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/9971_9951_8961/firmware/9_2_3/release_notes/9900_8900_923.html | Trust: 0.8 |
sources:
JVNDB: JVNDB-2012-002233
EXTERNAL IDS
| db: | NVD | id: | CVE-2012-1328 | Trust: 2.8 |
| db: | JVNDB | id: | JVNDB-2012-002233 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201205-076 | Trust: 0.7 |
| db: | BID | id: | 78228 | Trust: 0.4 |
| db: | SEEBUG | id: | SSVID-91775 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-54609 | Trust: 0.1 |
sources:
VULHUB: VHN-54609 //
BID: 78228 //
JVNDB: JVNDB-2012-002233 //
CNNVD: CNNVD-201205-076 //
NVD: CVE-2012-1328
REFERENCES
| url: | http://www.cisco.com/en/us/docs/voice_ip_comm/cuipph/9971_9951_8961/firmware/9_2_3/release_notes/9900_8900_923.html | Trust: 2.0 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/75412 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1328 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1328 | Trust: 0.8 |
sources:
VULHUB: VHN-54609 //
BID: 78228 //
JVNDB: JVNDB-2012-002233 //
CNNVD: CNNVD-201205-076 //
NVD: CVE-2012-1328
CREDITS
Unknown
Trust: 0.3
sources:
BID: 78228
SOURCES
| db: | VULHUB | id: | VHN-54609 |
| db: | BID | id: | 78228 |
| db: | JVNDB | id: | JVNDB-2012-002233 |
| db: | CNNVD | id: | CNNVD-201205-076 |
| db: | NVD | id: | CVE-2012-1328 |
LAST UPDATE DATE
2024-11-23T22:35:29.177000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-54609 | date: | 2017-12-07T00:00:00 |
| db: | BID | id: | 78228 | date: | 2012-05-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2012-002233 | date: | 2012-05-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-201205-076 | date: | 2012-05-04T00:00:00 |
| db: | NVD | id: | CVE-2012-1328 | date: | 2024-11-21T01:36:49.533 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-54609 | date: | 2012-05-03T00:00:00 |
| db: | BID | id: | 78228 | date: | 2012-05-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2012-002233 | date: | 2012-05-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-201205-076 | date: | 2012-05-04T00:00:00 |
| db: | NVD | id: | CVE-2012-1328 | date: | 2012-05-03T23:55:01.403 |