Search criteria
26 vulnerabilities found for Cisco Session Initiation Protocol (SIP) Software by Cisco
CVE-2025-20351 (GCVE-0-2025-20351)
Vulnerability from cvelistv5 – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:43
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.
This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 Affected: 14.3(1)SR2 Affected: 14.3(1)SR3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:41:21.666555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:43:25.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
},
{
"status": "affected",
"version": "14.3(1)SR2"
},
{
"status": "affected",
"version": "14.3(1)SR3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:18.666Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51683"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20351",
"datePublished": "2025-10-15T16:15:18.666Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:43:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20350 (GCVE-0-2025-20350)
Vulnerability from cvelistv5 – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:42
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
7.5 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:42:26.123690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:42:59.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:10.244Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51601"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20350",
"datePublished": "2025-10-15T16:15:10.244Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:42:59.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20335 (GCVE-0-2025-20335)
Vulnerability from cvelistv5 – Published: 2025-09-03 17:41 – Updated: 2025-09-03 17:56
VLAI?
Summary
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device.
This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system.
Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20335",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:56:52.918108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:56:55.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device.\r\n\r\nThis vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:41:06.201Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-write-g3kcC5Df",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df"
}
],
"source": {
"advisory": "cisco-sa-phone-write-g3kcC5Df",
"defects": [
"CSCwn51679"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20335",
"datePublished": "2025-09-03T17:41:06.201Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2025-09-03T17:56:55.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20336 (GCVE-0-2025-20336)
Vulnerability from cvelistv5 – Published: 2025-09-03 17:41 – Updated: 2025-09-03 17:57
VLAI?
Summary
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability exists because the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. An attacker could exploit this vulnerability by sending a crafted packet to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information from the device.
Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:57:26.410747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:57:31.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability exists because the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. An attacker could exploit this vulnerability by sending a crafted packet to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information from the device.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:41:01.463Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-write-g3kcC5Df",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df"
}
],
"source": {
"advisory": "cisco-sa-phone-write-g3kcC5Df",
"defects": [
"CSCwn51677"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20336",
"datePublished": "2025-09-03T17:41:01.463Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2025-09-03T17:57:31.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20158 (GCVE-0-2025-20158)
Vulnerability from cvelistv5 – Published: 2025-02-19 16:06 – Updated: 2025-02-19 16:22
VLAI?
Summary
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.
This vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system.
Severity ?
4.4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
3.1(1)
Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 3.1(1)SR1 Affected: 3.2(1) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T16:20:34.156069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T16:22:29.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "3.2(1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T16:06:00.812Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-info-disc-YyxsWStK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK"
}
],
"source": {
"advisory": "cisco-sa-phone-info-disc-YyxsWStK",
"defects": [
"CSCwn51779"
],
"discovery": "INTERNAL"
},
"title": "Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20158",
"datePublished": "2025-02-19T16:06:00.812Z",
"dateReserved": "2024-10-10T19:15:13.217Z",
"dateUpdated": "2025-02-19T16:22:29.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1379 (GCVE-0-2021-1379)
Vulnerability from cvelistv5 – Published: 2024-11-18 15:42 – Updated: 2024-11-18 16:23
VLAI?
Summary
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.
These vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11.3.1 MSR3-3 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T16:22:56.651830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T16:23:13.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.0(3)"
},
{
"status": "affected",
"version": "9.0(2)SR2"
},
{
"status": "affected",
"version": "9.0(2)SR1"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.4(2)SR1"
},
{
"status": "affected",
"version": "9.4(2)"
},
{
"status": "affected",
"version": "9.4(2)SR2"
},
{
"status": "affected",
"version": "9.4(2)SR3"
},
{
"status": "affected",
"version": "9.3(1)SR2"
},
{
"status": "affected",
"version": "9.3(1)SR3"
},
{
"status": "affected",
"version": "9.3(1)SR1"
},
{
"status": "affected",
"version": "9.1(1)SR1"
},
{
"status": "affected",
"version": "9.3(1)SR4"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "9.2(1)SR2"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.4(2)SR4"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Small Business IP Phones",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.4.8"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.5.5a"
},
{
"status": "affected",
"version": "7.3.7"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.6"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.4.4"
},
{
"status": "affected",
"version": "7.6.2SR3"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.6"
},
{
"status": "affected",
"version": "7.5.6c"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.7"
},
{
"status": "affected",
"version": "7.6.2SR6"
},
{
"status": "affected",
"version": "7.5.2b"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.5.6a"
},
{
"status": "affected",
"version": "7.6.2SR2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.2a"
},
{
"status": "affected",
"version": "7.5.6(XU)"
},
{
"status": "affected",
"version": "7.5.7s"
},
{
"status": "affected",
"version": "7.6.2SR4"
},
{
"status": "affected",
"version": "7.6.2SR1"
},
{
"status": "affected",
"version": "7.4.9"
},
{
"status": "affected",
"version": "7.5.5b"
},
{
"status": "affected",
"version": "7.6.2SR5"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.2SR7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco\u0026nbsp;Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco\u0026nbsp;IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco\u0026nbsp;Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco\u0026nbsp;Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco\u0026nbsp;Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:X/RC:X/E:X",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:42:00.388Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3"
}
],
"source": {
"advisory": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
"defects": [
"CSCvu59351"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1379",
"datePublished": "2024-11-18T15:42:00.388Z",
"dateReserved": "2020-11-13T00:00:00.000Z",
"dateUpdated": "2024-11-18T16:23:13.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20534 (GCVE-0-2024-20534)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:31 – Updated: 2024-11-06 17:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
This vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11-3-1MSR2UPG Affected: 4.7.1 Affected: 4.6 MSR1 Affected: 11.3.1 MSR3-3 Affected: 4.8.1 Affected: 11.3.3 Affected: 11.3.1 MSR4-1 Affected: 11.3.4 Affected: 4.8.1 SR1 Affected: 11.3.5 Affected: 11.3.3 MSR1 Affected: 5.0.1 Affected: 11.3.3 MSR2 Affected: 11.3.6 Affected: 11-3-1MPPSR4UPG Affected: 11.3.6SR1 Affected: 11.3.7 Affected: 5.1.1 Affected: 11.3.7SR1 Affected: 12.0.1 Affected: 12.0.2 Affected: 11.3.7SR2 Affected: 12.0.3 Affected: 12.0.3SR1 Affected: 12.0.4 Affected: 12.0.4SR1 Affected: 12.0.5 Affected: 12.0.5SR1 Affected: 12.0.3SR2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:59:56.911012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:00:08.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11-3-1MSR2UPG"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6 MSR1"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "11.3.3"
},
{
"status": "affected",
"version": "11.3.1 MSR4-1"
},
{
"status": "affected",
"version": "11.3.4"
},
{
"status": "affected",
"version": "4.8.1 SR1"
},
{
"status": "affected",
"version": "11.3.5"
},
{
"status": "affected",
"version": "11.3.3 MSR1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "11.3.3 MSR2"
},
{
"status": "affected",
"version": "11.3.6"
},
{
"status": "affected",
"version": "11-3-1MPPSR4UPG"
},
{
"status": "affected",
"version": "11.3.6SR1"
},
{
"status": "affected",
"version": "11.3.7"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "11.3.7SR1"
},
{
"status": "affected",
"version": "12.0.1"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "11.3.7SR2"
},
{
"status": "affected",
"version": "12.0.3"
},
{
"status": "affected",
"version": "12.0.3SR1"
},
{
"status": "affected",
"version": "12.0.4"
},
{
"status": "affected",
"version": "12.0.4SR1"
},
{
"status": "affected",
"version": "12.0.5"
},
{
"status": "affected",
"version": "12.0.5SR1"
},
{
"status": "affected",
"version": "12.0.3SR2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:55:30.873Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-mpp-xss-8tAV2TvF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF"
}
],
"source": {
"advisory": "cisco-sa-mpp-xss-8tAV2TvF",
"defects": [
"CSCwm39676"
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20534",
"datePublished": "2024-11-06T16:31:30.293Z",
"dateReserved": "2023-11-08T15:08:07.692Z",
"dateUpdated": "2024-11-06T17:00:08.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20533 (GCVE-0-2024-20533)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:31 – Updated: 2024-11-06 17:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
This vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11-3-1MSR2UPG Affected: 11.3.1 MSR3-3 Affected: 11.3.3 Affected: 11.3.1 MSR4-1 Affected: 11.3.4 Affected: 11.3.5 Affected: 11.3.3 MSR1 Affected: 11.3.3 MSR2 Affected: 11.3.6 Affected: 11-3-1MPPSR4UPG Affected: 11.3.6SR1 Affected: 11.3.7 Affected: 11.3.7SR1 Affected: 12.0.1 Affected: 12.0.2 Affected: 11.3.7SR2 Affected: 12.0.3 Affected: 12.0.3SR1 Affected: 12.0.4 Affected: 12.0.4SR1 Affected: 12.0.5 Affected: 12.0.5SR1 Affected: 12.0.3SR2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:00:30.709215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:00:38.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11-3-1MSR2UPG"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
},
{
"status": "affected",
"version": "11.3.3"
},
{
"status": "affected",
"version": "11.3.1 MSR4-1"
},
{
"status": "affected",
"version": "11.3.4"
},
{
"status": "affected",
"version": "11.3.5"
},
{
"status": "affected",
"version": "11.3.3 MSR1"
},
{
"status": "affected",
"version": "11.3.3 MSR2"
},
{
"status": "affected",
"version": "11.3.6"
},
{
"status": "affected",
"version": "11-3-1MPPSR4UPG"
},
{
"status": "affected",
"version": "11.3.6SR1"
},
{
"status": "affected",
"version": "11.3.7"
},
{
"status": "affected",
"version": "11.3.7SR1"
},
{
"status": "affected",
"version": "12.0.1"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "11.3.7SR2"
},
{
"status": "affected",
"version": "12.0.3"
},
{
"status": "affected",
"version": "12.0.3SR1"
},
{
"status": "affected",
"version": "12.0.4"
},
{
"status": "affected",
"version": "12.0.4SR1"
},
{
"status": "affected",
"version": "12.0.5"
},
{
"status": "affected",
"version": "12.0.5SR1"
},
{
"status": "affected",
"version": "12.0.3SR2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:55:22.819Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-mpp-xss-8tAV2TvF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF"
}
],
"source": {
"advisory": "cisco-sa-mpp-xss-8tAV2TvF",
"defects": [
"CSCwm38104"
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20533",
"datePublished": "2024-11-06T16:31:21.072Z",
"dateReserved": "2023-11-08T15:08:07.692Z",
"dateUpdated": "2024-11-06T17:00:38.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20445 (GCVE-0-2024-20445)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:29 – Updated: 2024-11-06 22:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.
Note: Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sip_ip_phone_software",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2_3rd_Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7)_MPP"
},
{
"status": "affected",
"version": "9.3(4)_3rd_Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3_3rd_Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1)_3rd_Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11)_3rd_Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1_3rd_Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9)_3rd_Party"
},
{
"status": "affected",
"version": "9.3(4)SR2_3rd_Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:23:46.067108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T22:00:02.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.\r\nNote: Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:29:06.293Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-infodisc-sbyqQVbG",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG"
}
],
"source": {
"advisory": "cisco-sa-phone-infodisc-sbyqQVbG",
"defects": [
"CSCwk25862"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20445",
"datePublished": "2024-11-06T16:29:06.293Z",
"dateReserved": "2023-11-08T15:08:07.678Z",
"dateUpdated": "2024-11-06T22:00:02.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20265 (GCVE-0-2023-20265)
Vulnerability from cvelistv5 – Published: 2023-11-21 18:45 – Updated: 2024-08-29 20:02
VLAI?
Summary
A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device.
Severity ?
5.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
4.5
Affected: 4.6 MSR1 Affected: 4.7.1 Affected: 4.8.1 Affected: 4.8.1 SR1 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-uipphone-xss-NcmUykqA",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uipphone-xss-NcmUykqA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-21T20:02:01.391549Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T20:02:00.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6 MSR1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.1 SR1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.1(1)"
},
{
"status": "affected",
"version": "9.3(1)SR2"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.3(1)SR1"
},
{
"status": "affected",
"version": "9.4(1)SR2"
},
{
"status": "affected",
"version": "9.4(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:35.584Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uipphone-xss-NcmUykqA",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uipphone-xss-NcmUykqA"
}
],
"source": {
"advisory": "cisco-sa-uipphone-xss-NcmUykqA",
"defects": [
"CSCwf58594",
"CSCwf58592",
"CSCwf58578"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20265",
"datePublished": "2023-11-21T18:45:33.998Z",
"dateReserved": "2022-10-27T18:47:50.373Z",
"dateUpdated": "2024-08-29T20:02:00.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20018 (GCVE-0-2023-20018)
Vulnerability from cvelistv5 – Published: 2023-01-19 01:35 – Updated: 2024-08-02 08:57
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
Severity ?
8.6 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.0(3)SR3 Affected: 11.0(2)SR1 Affected: 11.5(1) Affected: 11.0(5)SR2 Affected: 11.0(2) Affected: 11.7(1) Affected: 11.0(4)SR3 Affected: 11.0(0.7) MPP Affected: 11.0(4)SR2 Affected: 11.0(3)SR5 Affected: 11.0(3)SR6 Affected: 11.0(3) Affected: 11.0(4)SR1 Affected: 11.0(1) MPP Affected: 11.0(4) Affected: 11.0(3)SR4 Affected: 11.0(5) Affected: 11.0(3)SR1 Affected: 11.0(5)SR1 Affected: 11.0(3)SR2 Affected: 11.0(2)SR2 Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 11.0(5)SR3 Affected: 11.0(6) Affected: 11.0(6)SR1 Affected: 11.0(6)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.975Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"defects": [
"CSCwc37223",
"CSCwc37234"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20018",
"datePublished": "2023-01-19T01:35:41.006Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20968 (GCVE-0-2022-20968)
Vulnerability from cvelistv5 – Published: 2022-12-08 16:13 – Updated: 2024-08-03 02:31
VLAI?
Summary
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.
This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.
Severity ?
8.1 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.5(1) Affected: 11.7(1) Affected: 11.0(0.7) MPP Affected: 11.0(1) MPP Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory and that this vulnerability has been publicly discussed.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:28.167Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"source": {
"advisory": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"defects": [
"CSCwb28354"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20968",
"datePublished": "2022-12-08T16:13:11.258Z",
"dateReserved": "2021-11-02T13:28:29.197Z",
"dateUpdated": "2024-08-03T02:31:58.569Z",
"requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20660 (GCVE-0-2022-20660)
Vulnerability from cvelistv5 – Published: 2022-01-14 05:01 – Updated: 2024-11-06 16:33
VLAI?
Summary
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
Severity ?
4.6 (Medium)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:17:53.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:59:21.438909Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:33:25.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T19:06:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phones Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-01-13T00:00:00",
"ID": "CVE-2022-20660",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phones Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Session Initiation Protocol (SIP) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.6",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"name": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
]
},
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20660",
"datePublished": "2022-01-14T05:01:29.253864Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:33:25.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20351 (GCVE-0-2025-20351)
Vulnerability from nvd – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:43
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.
This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 Affected: 14.3(1)SR2 Affected: 14.3(1)SR3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:41:21.666555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:43:25.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
},
{
"status": "affected",
"version": "14.3(1)SR2"
},
{
"status": "affected",
"version": "14.3(1)SR3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:18.666Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51683"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20351",
"datePublished": "2025-10-15T16:15:18.666Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:43:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20350 (GCVE-0-2025-20350)
Vulnerability from nvd – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:42
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
7.5 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:42:26.123690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:42:59.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:10.244Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51601"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20350",
"datePublished": "2025-10-15T16:15:10.244Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:42:59.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20335 (GCVE-0-2025-20335)
Vulnerability from nvd – Published: 2025-09-03 17:41 – Updated: 2025-09-03 17:56
VLAI?
Summary
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device.
This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system.
Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20335",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:56:52.918108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:56:55.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device.\r\n\r\nThis vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:41:06.201Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-write-g3kcC5Df",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df"
}
],
"source": {
"advisory": "cisco-sa-phone-write-g3kcC5Df",
"defects": [
"CSCwn51679"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20335",
"datePublished": "2025-09-03T17:41:06.201Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2025-09-03T17:56:55.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20336 (GCVE-0-2025-20336)
Vulnerability from nvd – Published: 2025-09-03 17:41 – Updated: 2025-09-03 17:57
VLAI?
Summary
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability exists because the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. An attacker could exploit this vulnerability by sending a crafted packet to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information from the device.
Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20336",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:57:26.410747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:57:31.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability exists because the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. An attacker could exploit this vulnerability by sending a crafted packet to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information from the device.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:41:01.463Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-write-g3kcC5Df",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df"
}
],
"source": {
"advisory": "cisco-sa-phone-write-g3kcC5Df",
"defects": [
"CSCwn51677"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20336",
"datePublished": "2025-09-03T17:41:01.463Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2025-09-03T17:57:31.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20158 (GCVE-0-2025-20158)
Vulnerability from nvd – Published: 2025-02-19 16:06 – Updated: 2025-02-19 16:22
VLAI?
Summary
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.
This vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system.
Severity ?
4.4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
3.1(1)
Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 3.1(1)SR1 Affected: 3.2(1) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T16:20:34.156069Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T16:22:29.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "3.2(1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T16:06:00.812Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-info-disc-YyxsWStK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK"
}
],
"source": {
"advisory": "cisco-sa-phone-info-disc-YyxsWStK",
"defects": [
"CSCwn51779"
],
"discovery": "INTERNAL"
},
"title": "Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20158",
"datePublished": "2025-02-19T16:06:00.812Z",
"dateReserved": "2024-10-10T19:15:13.217Z",
"dateUpdated": "2025-02-19T16:22:29.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1379 (GCVE-0-2021-1379)
Vulnerability from nvd – Published: 2024-11-18 15:42 – Updated: 2024-11-18 16:23
VLAI?
Summary
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.
These vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11.3.1 MSR3-3 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T16:22:56.651830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T16:23:13.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.0(3)"
},
{
"status": "affected",
"version": "9.0(2)SR2"
},
{
"status": "affected",
"version": "9.0(2)SR1"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.4(2)SR1"
},
{
"status": "affected",
"version": "9.4(2)"
},
{
"status": "affected",
"version": "9.4(2)SR2"
},
{
"status": "affected",
"version": "9.4(2)SR3"
},
{
"status": "affected",
"version": "9.3(1)SR2"
},
{
"status": "affected",
"version": "9.3(1)SR3"
},
{
"status": "affected",
"version": "9.3(1)SR1"
},
{
"status": "affected",
"version": "9.1(1)SR1"
},
{
"status": "affected",
"version": "9.3(1)SR4"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "9.2(1)SR2"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.4(2)SR4"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Small Business IP Phones",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.4.8"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.5.5a"
},
{
"status": "affected",
"version": "7.3.7"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.6"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.4.4"
},
{
"status": "affected",
"version": "7.6.2SR3"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.6"
},
{
"status": "affected",
"version": "7.5.6c"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.7"
},
{
"status": "affected",
"version": "7.6.2SR6"
},
{
"status": "affected",
"version": "7.5.2b"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.5.6a"
},
{
"status": "affected",
"version": "7.6.2SR2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.2a"
},
{
"status": "affected",
"version": "7.5.6(XU)"
},
{
"status": "affected",
"version": "7.5.7s"
},
{
"status": "affected",
"version": "7.6.2SR4"
},
{
"status": "affected",
"version": "7.6.2SR1"
},
{
"status": "affected",
"version": "7.4.9"
},
{
"status": "affected",
"version": "7.5.5b"
},
{
"status": "affected",
"version": "7.6.2SR5"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.2SR7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco\u0026nbsp;Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco\u0026nbsp;IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco\u0026nbsp;Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco\u0026nbsp;Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco\u0026nbsp;Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:X/RC:X/E:X",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T15:42:00.388Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3"
}
],
"source": {
"advisory": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
"defects": [
"CSCvu59351"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1379",
"datePublished": "2024-11-18T15:42:00.388Z",
"dateReserved": "2020-11-13T00:00:00.000Z",
"dateUpdated": "2024-11-18T16:23:13.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20534 (GCVE-0-2024-20534)
Vulnerability from nvd – Published: 2024-11-06 16:31 – Updated: 2024-11-06 17:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
This vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11-3-1MSR2UPG Affected: 4.7.1 Affected: 4.6 MSR1 Affected: 11.3.1 MSR3-3 Affected: 4.8.1 Affected: 11.3.3 Affected: 11.3.1 MSR4-1 Affected: 11.3.4 Affected: 4.8.1 SR1 Affected: 11.3.5 Affected: 11.3.3 MSR1 Affected: 5.0.1 Affected: 11.3.3 MSR2 Affected: 11.3.6 Affected: 11-3-1MPPSR4UPG Affected: 11.3.6SR1 Affected: 11.3.7 Affected: 5.1.1 Affected: 11.3.7SR1 Affected: 12.0.1 Affected: 12.0.2 Affected: 11.3.7SR2 Affected: 12.0.3 Affected: 12.0.3SR1 Affected: 12.0.4 Affected: 12.0.4SR1 Affected: 12.0.5 Affected: 12.0.5SR1 Affected: 12.0.3SR2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20534",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:59:56.911012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:00:08.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11-3-1MSR2UPG"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.6 MSR1"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "11.3.3"
},
{
"status": "affected",
"version": "11.3.1 MSR4-1"
},
{
"status": "affected",
"version": "11.3.4"
},
{
"status": "affected",
"version": "4.8.1 SR1"
},
{
"status": "affected",
"version": "11.3.5"
},
{
"status": "affected",
"version": "11.3.3 MSR1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "11.3.3 MSR2"
},
{
"status": "affected",
"version": "11.3.6"
},
{
"status": "affected",
"version": "11-3-1MPPSR4UPG"
},
{
"status": "affected",
"version": "11.3.6SR1"
},
{
"status": "affected",
"version": "11.3.7"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "11.3.7SR1"
},
{
"status": "affected",
"version": "12.0.1"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "11.3.7SR2"
},
{
"status": "affected",
"version": "12.0.3"
},
{
"status": "affected",
"version": "12.0.3SR1"
},
{
"status": "affected",
"version": "12.0.4"
},
{
"status": "affected",
"version": "12.0.4SR1"
},
{
"status": "affected",
"version": "12.0.5"
},
{
"status": "affected",
"version": "12.0.5SR1"
},
{
"status": "affected",
"version": "12.0.3SR2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:55:30.873Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-mpp-xss-8tAV2TvF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF"
}
],
"source": {
"advisory": "cisco-sa-mpp-xss-8tAV2TvF",
"defects": [
"CSCwm39676"
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20534",
"datePublished": "2024-11-06T16:31:30.293Z",
"dateReserved": "2023-11-08T15:08:07.692Z",
"dateUpdated": "2024-11-06T17:00:08.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20533 (GCVE-0-2024-20533)
Vulnerability from nvd – Published: 2024-11-06 16:31 – Updated: 2024-11-06 17:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
This vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
11.1.2
Affected: 11.2.1 Affected: 11.2.3 Affected: 11.2.2 Affected: 11.2.3 MSR1-1 Affected: 11.1.2 MSR1-1 Affected: 11.1.1 Affected: 11.1.2 MSR3-1 Affected: 11.0.0 Affected: 11.1.1 MSR1-1 Affected: 11.0.1 Affected: 11.1.1 MSR2-1 Affected: 11.2.4 Affected: 11.0.1 MSR1-1 Affected: 11.0.2 Affected: 11.3.1 Affected: 11.3.1 MSR1-3 Affected: 11.3.2 Affected: 11.3.1 MSR2-6 Affected: 11-3-1MSR2UPG Affected: 11.3.1 MSR3-3 Affected: 11.3.3 Affected: 11.3.1 MSR4-1 Affected: 11.3.4 Affected: 11.3.5 Affected: 11.3.3 MSR1 Affected: 11.3.3 MSR2 Affected: 11.3.6 Affected: 11-3-1MPPSR4UPG Affected: 11.3.6SR1 Affected: 11.3.7 Affected: 11.3.7SR1 Affected: 12.0.1 Affected: 12.0.2 Affected: 11.3.7SR2 Affected: 12.0.3 Affected: 12.0.3SR1 Affected: 12.0.4 Affected: 12.0.4SR1 Affected: 12.0.5 Affected: 12.0.5SR1 Affected: 12.0.3SR2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:00:30.709215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:00:38.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.1.2"
},
{
"status": "affected",
"version": "11.2.1"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.2"
},
{
"status": "affected",
"version": "11.2.3 MSR1-1"
},
{
"status": "affected",
"version": "11.1.2 MSR1-1"
},
{
"status": "affected",
"version": "11.1.1"
},
{
"status": "affected",
"version": "11.1.2 MSR3-1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.1.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.1.1 MSR2-1"
},
{
"status": "affected",
"version": "11.2.4"
},
{
"status": "affected",
"version": "11.0.1 MSR1-1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.3.1"
},
{
"status": "affected",
"version": "11.3.1 MSR1-3"
},
{
"status": "affected",
"version": "11.3.2"
},
{
"status": "affected",
"version": "11.3.1 MSR2-6"
},
{
"status": "affected",
"version": "11-3-1MSR2UPG"
},
{
"status": "affected",
"version": "11.3.1 MSR3-3"
},
{
"status": "affected",
"version": "11.3.3"
},
{
"status": "affected",
"version": "11.3.1 MSR4-1"
},
{
"status": "affected",
"version": "11.3.4"
},
{
"status": "affected",
"version": "11.3.5"
},
{
"status": "affected",
"version": "11.3.3 MSR1"
},
{
"status": "affected",
"version": "11.3.3 MSR2"
},
{
"status": "affected",
"version": "11.3.6"
},
{
"status": "affected",
"version": "11-3-1MPPSR4UPG"
},
{
"status": "affected",
"version": "11.3.6SR1"
},
{
"status": "affected",
"version": "11.3.7"
},
{
"status": "affected",
"version": "11.3.7SR1"
},
{
"status": "affected",
"version": "12.0.1"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "11.3.7SR2"
},
{
"status": "affected",
"version": "12.0.3"
},
{
"status": "affected",
"version": "12.0.3SR1"
},
{
"status": "affected",
"version": "12.0.4"
},
{
"status": "affected",
"version": "12.0.4SR1"
},
{
"status": "affected",
"version": "12.0.5"
},
{
"status": "affected",
"version": "12.0.5SR1"
},
{
"status": "affected",
"version": "12.0.3SR2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:55:22.819Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-mpp-xss-8tAV2TvF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF"
}
],
"source": {
"advisory": "cisco-sa-mpp-xss-8tAV2TvF",
"defects": [
"CSCwm38104"
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20533",
"datePublished": "2024-11-06T16:31:21.072Z",
"dateReserved": "2023-11-08T15:08:07.692Z",
"dateUpdated": "2024-11-06T17:00:38.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20445 (GCVE-0-2024-20445)
Vulnerability from nvd – Published: 2024-11-06 16:29 – Updated: 2024-11-06 22:00
VLAI?
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.
Note: Web Access is disabled by default.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sip_ip_phone_software",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2_3rd_Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7)_MPP"
},
{
"status": "affected",
"version": "9.3(4)_3rd_Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3_3rd_Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1)_3rd_Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11)_3rd_Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1_3rd_Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9)_3rd_Party"
},
{
"status": "affected",
"version": "9.3(4)SR2_3rd_Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20445",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:23:46.067108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T22:00:02.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.\r\nNote: Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:29:06.293Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-infodisc-sbyqQVbG",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG"
}
],
"source": {
"advisory": "cisco-sa-phone-infodisc-sbyqQVbG",
"defects": [
"CSCwk25862"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20445",
"datePublished": "2024-11-06T16:29:06.293Z",
"dateReserved": "2023-11-08T15:08:07.678Z",
"dateUpdated": "2024-11-06T22:00:02.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20265 (GCVE-0-2023-20265)
Vulnerability from nvd – Published: 2023-11-21 18:45 – Updated: 2024-08-29 20:02
VLAI?
Summary
A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device.
Severity ?
5.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
4.5
Affected: 4.6 MSR1 Affected: 4.7.1 Affected: 4.8.1 Affected: 4.8.1 SR1 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-uipphone-xss-NcmUykqA",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uipphone-xss-NcmUykqA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-21T20:02:01.391549Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T20:02:00.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.5"
},
{
"status": "affected",
"version": "4.6 MSR1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "4.8.1"
},
{
"status": "affected",
"version": "4.8.1 SR1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "9.1(1)"
},
{
"status": "affected",
"version": "9.3(1)SR2"
},
{
"status": "affected",
"version": "9.4(1)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.3(1)SR1"
},
{
"status": "affected",
"version": "9.4(1)SR2"
},
{
"status": "affected",
"version": "9.4(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:35.584Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uipphone-xss-NcmUykqA",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uipphone-xss-NcmUykqA"
}
],
"source": {
"advisory": "cisco-sa-uipphone-xss-NcmUykqA",
"defects": [
"CSCwf58594",
"CSCwf58592",
"CSCwf58578"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20265",
"datePublished": "2023-11-21T18:45:33.998Z",
"dateReserved": "2022-10-27T18:47:50.373Z",
"dateUpdated": "2024-08-29T20:02:00.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20018 (GCVE-0-2023-20018)
Vulnerability from nvd – Published: 2023-01-19 01:35 – Updated: 2024-08-02 08:57
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
Severity ?
8.6 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.0(3)SR3 Affected: 11.0(2)SR1 Affected: 11.5(1) Affected: 11.0(5)SR2 Affected: 11.0(2) Affected: 11.7(1) Affected: 11.0(4)SR3 Affected: 11.0(0.7) MPP Affected: 11.0(4)SR2 Affected: 11.0(3)SR5 Affected: 11.0(3)SR6 Affected: 11.0(3) Affected: 11.0(4)SR1 Affected: 11.0(1) MPP Affected: 11.0(4) Affected: 11.0(3)SR4 Affected: 11.0(5) Affected: 11.0(3)SR1 Affected: 11.0(5)SR1 Affected: 11.0(3)SR2 Affected: 11.0(2)SR2 Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 11.0(5)SR3 Affected: 11.0(6) Affected: 11.0(6)SR1 Affected: 11.0(6)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.975Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"defects": [
"CSCwc37223",
"CSCwc37234"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20018",
"datePublished": "2023-01-19T01:35:41.006Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20968 (GCVE-0-2022-20968)
Vulnerability from nvd – Published: 2022-12-08 16:13 – Updated: 2024-08-03 02:31
VLAI?
Summary
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.
This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.
Severity ?
8.1 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.5(1) Affected: 11.7(1) Affected: 11.0(0.7) MPP Affected: 11.0(1) MPP Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory and that this vulnerability has been publicly discussed.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:28.167Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"source": {
"advisory": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"defects": [
"CSCwb28354"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20968",
"datePublished": "2022-12-08T16:13:11.258Z",
"dateReserved": "2021-11-02T13:28:29.197Z",
"dateUpdated": "2024-08-03T02:31:58.569Z",
"requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20660 (GCVE-0-2022-20660)
Vulnerability from nvd – Published: 2022-01-14 05:01 – Updated: 2024-11-06 16:33
VLAI?
Summary
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
Severity ?
4.6 (Medium)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:17:53.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:59:21.438909Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:33:25.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T19:06:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phones Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-01-13T00:00:00",
"ID": "CVE-2022-20660",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phones Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Session Initiation Protocol (SIP) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.6",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"name": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
]
},
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20660",
"datePublished": "2022-01-14T05:01:29.253864Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:33:25.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}