var-201603-0030
Vulnerability from variot
The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. Cisco DPC3939B and DPC3941 Device management interfaces contain vulnerabilities that can capture important information. The Cisco DPC3939B and DPC3941 are both wireless voice network management products of Cisco. The web-basedadministration interface is one of the web-based management interfaces
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0030",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dpc3939 wireless residential voice gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "130514acmcst_base"
},
{
"model": "dpc3939 wireless residential voice gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "(xb3)"
},
{
"model": "dpc3941 wireless residential gateway with digital voice",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "dpc3939b",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "dpc3941",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "dpc3941 wireless residential voice gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "dpc3939 wireless residential voice gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:dpc3939_wireless_residential_voice_gateway_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:dpc3941_wireless_residential_gateway__with_digital_voice_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
}
]
},
"cve": "CVE-2016-1325",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1325",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-01602",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-90144",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1325",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1325",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1325",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01602",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-119",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90144",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. Cisco DPC3939B and DPC3941 Device management interfaces contain vulnerabilities that can capture important information. The Cisco DPC3939B and DPC3941 are both wireless voice network management products of Cisco. The web-basedadministration interface is one of the web-based management interfaces",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1325"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1325",
"trust": 3.1
},
{
"db": "SECTRACK",
"id": "1035232",
"trust": 1.1
},
{
"db": "BID",
"id": "84278",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01602",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-90144",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"id": "VAR-201603-0030",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
}
]
},
"last_update_date": "2024-11-23T23:12:36.674000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160309-rgid",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid"
},
{
"title": "Patch for Cisco DPC3939B and DPC3941 Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/72545"
},
{
"title": "Cisco DPC3939B and DPC3941 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60479"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90144"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160309-rgid"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/84278"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035232"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1325"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1325"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"db": "VULHUB",
"id": "VHN-90144"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"date": "2016-03-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90144"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"date": "2016-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"date": "2016-03-09T20:59:02.193000",
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01602"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90144"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001713"
},
{
"date": "2016-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-119"
},
{
"date": "2024-11-21T02:46:11.453000",
"db": "NVD",
"id": "CVE-2016-1325"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco DPC3939B and DPC3941 Vulnerabilities that can capture important information in the device management interface",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001713"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-119"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…