All the vulnerabilites related to cisco - ip_conference_phone_8832_firmware
cve-2019-1764
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:54.512055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:07.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"source": {
"advisory": "cisco-sa-20190320-ip-phone-csrf",
"defect": [
[
"CSCvn56221",
"CSCvo57629"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1764",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ip-phone-csrf",
"defect": [
[
"CSCvn56221",
"CSCvo57629"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1764",
"datePublished": "2019-03-22T20:05:29.129200Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:07.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3111
Vulnerability from cvelistv5
Published
2020-02-05 17:40
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP phone |
Version: unspecified < 12.7(1) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:25:09.510937Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:42:42.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP phone",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.7(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T18:06:07",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
],
"source": {
"advisory": "cisco-sa-20200205-voip-phones-rce-dos",
"defect": [
[
"CSCvr96057",
"CSCvr96058",
"CSCvr96059",
"CSCvr96060",
"CSCvr96063",
"CSCvr96064",
"CSCvr96065",
"CSCvr96066",
"CSCvr96067",
"CSCvr96069",
"CSCvr96070",
"CSCvr96071",
"CSCvr96738",
"CSCvr96739"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-05T16:00:00-0800",
"ID": "CVE-2020-3111",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP phone",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.7(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.8",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
},
{
"name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
}
]
},
"source": {
"advisory": "cisco-sa-20200205-voip-phones-rce-dos",
"defect": [
[
"CSCvr96057",
"CSCvr96058",
"CSCvr96059",
"CSCvr96060",
"CSCvr96063",
"CSCvr96064",
"CSCvr96065",
"CSCvr96066",
"CSCvr96067",
"CSCvr96069",
"CSCvr96070",
"CSCvr96071",
"CSCvr96738",
"CSCvr96739"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3111",
"datePublished": "2020-02-05T17:40:15.678994Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:42:42.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20660
Vulnerability from cvelistv5
Published
2022-01-14 05:01
Modified
2024-11-06 16:33
Severity ?
EPSS score ?
Summary
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA | vendor-advisory, x_refsource_CISCO | |
| http://seclists.org/fulldisclosure/2022/Jan/34 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Session Initiation Protocol (SIP) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:17:53.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:59:21.438909Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:33:25.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-17T19:06:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phones Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-01-13T00:00:00",
"ID": "CVE-2022-20660",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phones Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Session Initiation Protocol (SIP) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.6",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"name": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
}
]
},
"source": {
"advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
"defect": [
[
"CSCvy39035",
"CSCvy39054",
"CSCvy39055",
"CSCvy39057",
"CSCvy39058",
"CSCvy39059"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20660",
"datePublished": "2022-01-14T05:01:29.253864Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:33:25.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1922
Vulnerability from cvelistv5
Published
2019-07-06 01:25
Modified
2024-11-21 19:19
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP Phone 8800 Series Software |
Version: unspecified < 12.0(1)MN130 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:35:51.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190703 Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:57:53.270805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:19:37.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 8800 Series Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.0(1)MN130",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-06T01:25:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190703 Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos"
}
],
"source": {
"advisory": "cisco-sa-20190703-ip-phone-sip-dos",
"defect": [
[
"CSCvc61672"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-07-03T16:00:00-0700",
"ID": "CVE-2019-1922",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 8800 Series Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.0(1)MN130"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190703 Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190703-ip-phone-sip-dos",
"defect": [
[
"CSCvc61672"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1922",
"datePublished": "2019-07-06T01:25:11.206035Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:19:37.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34711
Vulnerability from cvelistv5
Published
2021-10-06 19:46
Modified
2024-11-07 21:48
Severity ?
EPSS score ?
Summary
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP Phones with Multiplatform Firmware |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211006 Cisco IP Phone Software Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:04.866442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:48:26.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T19:46:32",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211006 Cisco IP Phone Software Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow"
}
],
"source": {
"advisory": "cisco-sa-ipphone-arbfileread-NPdtE2Ow",
"defect": [
[
"CSCvx85812",
"CSCvx85813",
"CSCvx85818",
"CSCvx85820",
"CSCvx85821",
"CSCvx85822",
"CSCvx85824"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone Software Arbitrary File Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-06T16:00:00",
"ID": "CVE-2021-34711",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone Software Arbitrary File Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phones with Multiplatform Firmware",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-36"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211006 Cisco IP Phone Software Arbitrary File Read Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow"
}
]
},
"source": {
"advisory": "cisco-sa-ipphone-arbfileread-NPdtE2Ow",
"defect": [
[
"CSCvx85812",
"CSCvx85813",
"CSCvx85818",
"CSCvx85820",
"CSCvx85821",
"CSCvx85822",
"CSCvx85824"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34711",
"datePublished": "2021-10-06T19:46:32.157323Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:48:26.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1763
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-19 19:14
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:13.352795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:14:36.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"source": {
"advisory": "cisco-sa-20190320-ipab",
"defect": [
[
"CSCvn56175",
"CSCvo58414"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1763",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Authorization Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ipab",
"defect": [
[
"CSCvn56175",
"CSCvo58414"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1763",
"datePublished": "2019-03-22T20:05:34.687309Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:14:36.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1765
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:55.624771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:16.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"source": {
"advisory": "cisco-sa-20190320-ipptv",
"defect": [
[
"CSCvn56213",
"CSCvo57138"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1765",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Path Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ipptv",
"defect": [
[
"CSCvn56213",
"CSCvo57138"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1765",
"datePublished": "2019-03-22T20:05:23.295708Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:16.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1635
Vulnerability from cvelistv5
Published
2019-05-03 14:55
Modified
2024-11-19 19:09
Severity ?
EPSS score ?
Summary
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:20:28.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190501 Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:33.589954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:09:54.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Phone 7800 Series and 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-03T14:55:27",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190501 Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos"
}
],
"source": {
"advisory": "cisco-sa-20190501-phone-sip-xml-dos",
"defect": [
[
"CSCvm39405",
"CSCvo19825",
"CSCvo21348",
"CSCvo23532"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-05-01T16:00:00-0700",
"ID": "CVE-2019-1635",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Phone 7800 Series and 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190501 Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190501-phone-sip-xml-dos",
"defect": [
[
"CSCvm39405",
"CSCvo19825",
"CSCvo21348",
"CSCvo23532"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1635",
"datePublished": "2019-05-03T14:55:27.291439Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:09:54.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-26141
Vulnerability from cvelistv5
Published
2021-05-11 19:42
Modified
2024-08-04 15:49
Severity ?
EPSS score ?
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu | vendor-advisory, x_refsource_CISCO | |
| https://www.fragattacks.com | x_refsource_MISC | |
| https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/05/11/12 | mailing-list, x_refsource_MLIST | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf | x_refsource_CONFIRM | |
| https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:13:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26141",
"datePublished": "2021-05-11T19:42:11",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1684
Vulnerability from cvelistv5
Published
2019-02-21 20:00
Modified
2024-11-21 19:45
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107104 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP Phone 8800 Series Software |
Version: unspecified < 12.6(1)MN80 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107104"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T19:00:28.716175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:45:06.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 8800 Series Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.6(1)MN80",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-22T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107104"
}
],
"source": {
"advisory": "cisco-sa-20190220-cdp-lldp-dos",
"defect": [
[
"CSCvn47250"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-02-20T16:00:00-0800",
"ID": "CVE-2019-1684",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 8800 Series Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.6(1)MN80"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107104"
}
]
},
"source": {
"advisory": "cisco-sa-20190220-cdp-lldp-dos",
"defect": [
[
"CSCvn47250"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1684",
"datePublished": "2019-02-21T20:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:45:06.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-10-06 20:15
Modified
2024-11-21 06:11
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E42261E2-07EC-416E-A65C-7D85584DED32",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9BC28D-0BC0-45CB-A87B-59F407F3A210",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38F67250-E4D0-48BE-928E-EF1BB4005940",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD40B5EB-D356-42D4-9464-67D0481460A9",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5F5CAF-F0C4-41E4-A455-FB6A4D700A23",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32D8B3FD-3157-49D3-A4BA-D4FAAB1B6D4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67895EA8-C707-4228-A8A2-4654E2B912CA",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F83ED1C8-1655-46EC-B1F5-4BD1D519057D",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41F875DA-AF0C-49CE-8BC5-DD1E0702FACF",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85805E6-8B5D-4677-9DDA-2FF5FB8F23C0",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF13D70B-1F27-4B3F-83FD-EF9688F1D123",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phones_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1898FC60-6633-4322-9046-E1B8B85FF850",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phones_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B980D4B-63D0-4786-AD62-FFE49FED33FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFACDCE6-95B3-45A7-86D3-18F3A78D5AF7",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "280BC438-AF6B-464B-A283-CE183C06E13B",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64E92C6B-5BA7-4C5F-B262-AE20F3951923",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E3B94C-BA7B-481A-AF4D-2FCF5E81D7B6",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A7F857-A3D7-43DA-8E94-FDA0EE542C39",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59A19DB2-1E3A-40AC-B265-878E9B568E8C",
"versionEndExcluding": "11.0\\(6\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el shell de depuraci\u00f3n del software de Cisco IP Phone podr\u00eda permitir a un atacante local autenticado leer cualquier archivo del sistema de archivos del dispositivo. Esta vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad al proporcionar una entrada dise\u00f1ada a un comando del shell de depuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer cualquier archivo en el sistema de archivos del dispositivo"
}
],
"id": "CVE-2021-34711",
"lastModified": "2024-11-21T06:11:01.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-06T20:15:09.587",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-arbfileread-NPdtE2Ow"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-36"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto autenticado escriba archivos arbitrarios en el sistema de archivos. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente y a permisos a nivel de archivo. Un atacante podr\u00eda explotar esta vulnerabilidad subiendo archivos inv\u00e1lidos a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante escriba archivos en ubicaciones arbitrarias en el sistema de archivos. La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series."
}
],
"id": "CVE-2019-1765",
"lastModified": "2024-11-21T04:37:19.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.477",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-03 15:29
Modified
2024-11-21 04:36
Severity ?
Summary
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD73D2F-1022-44A8-92BE-B71067B1024F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "363A9F49-5D70-4A6B-926E-64C981201E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "0746182E-EE0F-44A9-BFFA-113943E25C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AB6067-68C7-4922-A02F-A7F93F52BAB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1252DE-9802-49F8-99C9-B125D3293C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "44EFD14D-4C69-4437-A72F-6B49247D26A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB56EF0C-C107-4F6A-8B85-F6BA70A2A705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "885379ED-09FE-4FF4-9BF0-8892F0C1E58D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2088285-FDD2-416F-AC19-ABF0E2F3B4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "255EE0C9-876C-4363-B78A-5E10FE27A2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A43FC86-07E5-4014-B234-022A271558E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "256E6A12-D2F3-4791-BE21-25AAD05A485D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "54CCAE81-1F36-46FA-AF1A-CE4FF483642B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "91DB84C4-34F8-49A0-B549-E0D0A704A11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "4579AF4D-761B-428A-A8C2-5070D1D7099C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "8522666F-B6A8-4307-9476-E2FF15127758",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "8C282581-0202-40BD-B199-1A68AC97B096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD0F281-2C1F-4E23-94DB-CE241B572549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBA0C82-3B4F-4D4F-93D6-7FE16A527E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "28216EED-6ADC-4257-9A0C-4F6F9B5252CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADD6BEF-D247-4CC4-94B8-56CB9B2F71A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "D13F84C8-B683-43E4-BC42-3A3C8E8D9062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C30C018-94D3-4F44-9BF7-5709720CE0F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A89D9DB-422E-4B46-B36B-D99F22115298",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "2C43C8F5-997D-4162-A821-18B043F736AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9396CE51-CFEC-43B6-B166-BADE75A4095A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "3820F81F-1185-4912-892C-683D8743211E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "F04D29EB-7D9F-43A7-B1B0-0720ADCE91D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9C7468-B4E3-40BB-B458-1C2C72B4F78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "42900209-06A4-4C14-AD3D-E20003B806E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "94A3926A-AEFE-4B09-847B-9EC65DC1CED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "A214FBBD-D9BA-4C0B-8FD3-D63726FA56FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABC02B3-31D9-404A-87D1-59C3DB491B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "B0440050-1892-4494-9E4E-1501A1ADB95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A54102B-AFBA-4712-81EA-A516DAE2BEF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "992DEC8F-60D0-45E3-83D3-20239100DD6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7471753-87C9-41DC-B03A-0AA4EF7AB9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "49AAD418-5E3B-4DBC-BC5E-E71202502646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE8DD75-E8CB-43F5-8BAD-43A7723099C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C350795-5886-4046-8BD0-98E6A8356803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "14EA7D1C-DFCD-48E1-AC9A-D3E65EE4B034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "614A66E5-6ACB-4F2C-BF71-98DB797CD8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "E781A6F7-BD75-41E3-AE5B-122D2CF7AE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "86A0C561-5AD6-4183-892C-362FE8F4D5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "69E0BE44-A21A-41FF-AF39-4ADCCE1BC7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "0F51E412-0F60-4652-B02E-ECBCE95896C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "58F6DC75-CB97-4862-9C6B-D606DBA9C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B80E4A-348E-4105-86C0-7A41C3E1566B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone1_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF34B4E-4AEC-4905-9682-40F36C28E7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone1_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "11013BA7-1921-4D28-9C53-38DA027A4EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone1_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "514FD53A-9705-40B1-8B9D-8AB7915D61ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone1_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6554D1-948A-4DEB-82BF-9502F9A2FE5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_8831_conference_phone1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B40CABF-34A1-418E-A325-118E7BE3B30D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone_for_third-party_call_control2_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8E2293-B99B-4712-9141-BB9B08F49E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone_for_third-party_call_control2_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "50AC0158-05D4-43F4-8672-896547291728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone_for_third-party_call_control2_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "58EF3AB3-963F-4AFE-A90F-F5481C4F470D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_ip_8831_conference_phone_for_third-party_call_control2_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D92C1FD-2D4C-4E71-B80D-D03A4715D409",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_8831_conference_phone_for_third-party_call_control2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00904062-5E08-4DC6-807D-D3C86E6408C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "A329AA28-EEDE-45B4-B257-1C9D6AC16120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "DC82A672-0A91-4237-9D78-62BA22DA21AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC55AC07-54E1-4E92-A451-033C42B98566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "573AB0AB-8F11-4C29-A502-E116DF493C5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:9.3\\(4\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A34E38C-C35A-423B-93EE-ADCE6DBCE389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:10.3\\(1\\)sr4b:*:*:*:*:*:*:*",
"matchCriteriaId": "2F638402-3932-4877-B5F8-553262C00D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:11.0\\(4\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "0334BAF9-4566-4466-9457-DA9A064A8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:12.1\\(1\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE3305F-E427-4F11-BFD8-AD5FE2FE6731",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAE4C7-EADB-41A9-BE48-1A4F3D8D3D7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete error handling when XML data within a SIP packet is parsed. An attacker could exploit this vulnerability by sending a SIP packet that contains a malicious XML payload to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de manejo de llamadas (call-handling) del Software Session Initiation Protocol (SIP) para tel\u00e9fonos IP 7800 Series y 8800 Series de Cisco, podr\u00eda permitir que un atacante remoto no identificado haga que un tel\u00e9fono afectado se recargue inesperadamente, resultando en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS ) temporal. La vulnerabilidad es debido a un manejo de errores incompleto cuando los datos XML dentro de un paquete SIP son analizados. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un paquete SIP que contiene una carga XML maliciosa a un tel\u00e9fono afectado. Una operaci\u00f3n \u00e9xito podr\u00eda permitir al atacante hacer que el tel\u00e9fono afectado se recargue inesperadamente, resultando en una condici\u00f3n DoS temporal."
}
],
"id": "CVE-2019-1635",
"lastModified": "2024-11-21T04:36:58.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-03T15:29:00.713",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-phone-sip-xml-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto sin autenticar lleve a cabo un ataque Cross-Site Request Forgery (CSRF). La vulnerabilidad se debe a la medidas de protecci\u00f3n contra CSRF insuficientes para la interfaz de administraci\u00f3n web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario autenticado de la interfaz siga un enlace manipulado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante realice acciones arbitrarias en un dispositivo objetivo mediante un navegador web y con los privilegios del usuario. La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series. Cisco IP Conference Phone 8831 no se ha visto afectado."
}
],
"id": "CVE-2019-1764",
"lastModified": "2024-11-21T04:37:19.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.447",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto sin autenticar omita la autorizaci\u00f3n, acceda a servicios cr\u00edticos y provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad existe debido a que el software no sanea las URL antes de manejar las peticiones. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una URL manipulada. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante obtenga acceso a servicios cr\u00edticos y provoque una denegaci\u00f3n de servicio (DoS). La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series. Cisco IP Conference Phone 8831 no se ha visto afectado."
}
],
"id": "CVE-2019-1763",
"lastModified": "2024-11-21T04:37:19.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-21 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107104 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107104 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89D9BF57-C162-41AD-9A1F-E5FAEB6236E5",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD7E41E-0B06-4BE2-8261-DD3E6CC1ADF7",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03D5F2-0483-409B-90F0-A1430774A258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "206B3B82-6BE3-4A83-82AC-1B8833B3C6CF",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220D7909-9F20-477A-936B-DF18481981DC",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "039A38D4-3002-4302-95B3-76F101C9E83C",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A10DA5-A0BD-4E49-A08C-65163D51A912",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FF8A4E-D04D-4763-852F-7BB48582B74D",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70632BDA-2393-4C38-94FA-40622AFBFB37",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8710D204-9591-4979-9EE9-0CC57A6B022E",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDCA435-694F-45BD-BC3D-F6A4CD9514A2",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C9562-7698-4F77-8423-BE601C089DF1",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "569C0ABC-5507-4009-A1C0-C4A4E91B39A1",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B33943D1-224E-441D-A426-DABBAE047657",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1262C94-C8B0-4266-A369-6AA960F2FA78",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol o en Link Layer Discovery Protocol (LLDP) en Cisco IP Phone 7800 and 8800 Series podr\u00eda permitir que un atacante adyacente no autenticado provoque que un tel\u00e9fono afectado se recargue inesperadamente, lo que resulta en una condici\u00f3n temporal de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la falta de una validaci\u00f3n de longitud de determinados campos de cabeceras de paquetes Cisco Discovery Protocol o LLDP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol o LLDP malicioso al tel\u00e9fono objetivo. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante consiga que el tel\u00e9fono afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) temporal. Todas las versiones anteriores a la 12.6(1)MN80 se ven afectadas."
}
],
"id": "CVE-2019-1684",
"lastModified": "2024-11-21T04:37:05.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-21T20:29:00.337",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107104"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-06 02:15
Modified
2024-11-21 04:37
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0FADEF-5936-47C4-AE76-F9792EEB5FF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D7DE83F-249F-49CD-975C-776C880600C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "96DB28BD-AB6C-4BDB-B3EE-A2C09B6B522B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94058F1C-6BFD-4F04-ADEB-8A037DBD8A19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE866B51-B54D-42EB-A1AB-190C2F602774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17087453-578E-4E0E-8C70-D449B0EA92F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A13225-DCFA-41D0-A1B4-9C5E5C0D96C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28644FCB-14E2-459F-B202-D1A30D75B458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4401555-203E-4054-BD7E-087ABFA5DFF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "273DEB37-E03D-4DBD-A844-7BBDB2B94B2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6ECD3E1-F396-466E-BC3D-7A4F5D8DC702",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C11A77A-9C5F-4900-8AA5-8A9508F281CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "420E3151-E2FB-4DB6-9889-71AD8ADBF39E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A337A74-D00D-4B9A-BB0C-73EC7EB5D4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF502337-A9AA-4539-87B9-F7406A637935",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F150FAB-C2DF-4EC0-A21A-DDAB1504B1DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2197E7BD-827F-42FF-BB90-5AB4BB3B99F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "008987E5-52E3-420F-A720-CF72E8D529AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3459146-D6AC-4119-9DD6-39CA0F0F1FFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el software SIP IP Phone de Cisco para IP Phone 7800 Series y 8800 Series de Cisco, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un tel\u00e9fono afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de paquetes de entrada de Session Initiation Protocol (SIP). Un atacante podr\u00eda explotar esta vulnerabilidad al modificar las respuestas SIP que se env\u00edan al tel\u00e9fono afectado durante el proceso de registro. Un ataque con \u00e9xito podr\u00eda permitir que el atacante cause que el tel\u00e9fono se reinicie y no complete el proceso de registro."
}
],
"id": "CVE-2019-1922",
"lastModified": "2024-11-21T04:37:41.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-06T02:15:11.793",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-11 20:15
Modified
2024-11-21 05:19
Severity ?
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:alfa:awus036h_firmware:6.1316.1209:*:*:*:*:windows_10:*:*",
"matchCriteriaId": "8A9FCD5B-54DD-4EF7-AB08-56EDE3B35E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:alfa:awus036h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0F9200-8AFD-4100-AF39-49476298C0E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AED716A-D252-4FE8-ABE7-57D2AB3682ED",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF406E2-A24B-4D94-B4F7-2186B1D82462",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_gr60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "518B205F-78E7-48AD-A520-A799FCE11772",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33B44092-CC37-4683-920D-8F84C60CCCEF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12785A53-15D1-46F4-8F51-2DE8B91C5EEA",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07B1207B-C065-483D-8AB3-6B9CEC4D3C7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr30h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C22FD7BD-450D-4F81-AD5A-4CFD898EC86A",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602DA0AF-86EB-4A01-BDE3-43596DEC746A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr33_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22306637-577A-48D0-840B-9BD36D116D6E",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12E670DC-C4D2-4277-A4DD-222D60A7CDB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr36_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49C36428-65A0-4CA9-A0D3-093547A5A713",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A66108F-5CED-4D41-8EE9-9479090B31DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "676032C5-EE2F-4B58-BD5E-AA626E6B0C3D",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E7D194-AA15-43CD-9019-7B286F528773",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr42e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A55C08-73C3-42E7-86EE-A69DE10C2E8C",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB4754D-3B94-42AA-A150-6BDFF42B3270",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr44_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "630DCA1A-4F22-4F17-9205-6BFB0276B98A",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07E495B6-CA7A-4F58-99A2-550F83E1E020",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr45_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A323D6A6-386D-4CBD-B447-2EB18339F6CC",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F47740-D0F3-478B-AFC3-51EB3AED34A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6560ADD7-3655-4A85-A24E-1A9CC132C6AD",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27E9718F-E50B-412F-86D7-DA6F39056006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr46e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F285B53-44CE-4158-A773-99F799F6CBCB",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B83072-84F6-43A4-9CC1-32924AFCC737",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr52_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D645D23-2B8F-4AC4-89BA-E070F3292958",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5634D1AB-B64D-44D0-A431-FE52E879B4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E1419FD-D693-42A5-ABC1-0539FB8BAD67",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "920CF4B6-9424-48DA-9622-FB0C0510E52F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr53e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39D18FA7-E7D6-4F1C-BDE0-EB9526857BAD",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC322AE-6731-41F3-9C59-8CF9622D997A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr55_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE9C2A6-22E8-43A1-9936-EE65C0A342D3",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0036877-C975-4AC7-B933-E5BC5E300B44",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr56_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "092DA889-B167-41F3-81D7-B2F5BE7B99AF",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E37474E5-76DE-4326-A5A8-D8900A8A2F62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr70_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A563D688-3994-4A14-AAEA-A45525D4C380",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37D7E013-920A-4C32-98C1-FBD7C450DD88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr74_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC333668-F713-4E20-97A6-A2192BF34964",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366ABABA-D9C5-4D46-9516-7262AA32D4CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr76_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02148C0F-306F-4700-8657-45134F43E2C4",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D071FC26-097A-432B-8900-DA02D3116D29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr84_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04C4F44A-8E87-403B-BAD9-E6D6557496CB",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9543B910-A999-4CEF-B06A-3F1A46784BF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr86_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEF9B49-78E7-49C8-BADD-933EA12EA168",
"versionEndExcluding": "27.7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A57AA24E-09E0-4EB6-9580-A68267767119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DE98041-599C-4B5E-9C52-234BA84E2731",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F4DBFC-42FC-44FD-9EDF-4C0C92053E4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr18_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEF2C9C-2F99-49C9-95B8-93B0BDE5D777",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC44D14-CF82-4C9A-A399-A3B7168F1F09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr26_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75A2E923-646F-4581-BE93-FBB3BD1A9814",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60D19311-A114-455C-9011-004446C80E27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45A20191-7126-4B98-951F-2ACC03AAC227",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E011F146-3AB9-446D-ACFD-FE5B021735D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr34_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51590073-ACF5-42CC-9765-7DD358E03D40",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814ADA42-72A9-48D6-B524-5F5BD76F3059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr62_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42F88F22-B587-44C9-A0A3-70EBDE310932",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8F3095-F280-44B0-8BC6-50221247ACE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr66_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "893DB2E2-505C-45A4-8CD0-A911DC6F8C39",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99337-4422-46AB-9B79-A96CE207AC28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mr72_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB69DA2F-0922-4FF4-B199-57F9C2E804B4",
"versionEndExcluding": "26.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68086DA9-AD50-41DC-B8B5-D9BB0512C6B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx64w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2274DBC-9BA6-4430-9E88-05027947FCBF",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1038F5F-020D-41FD-9C3D-F2685F1EA916",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx65w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56D2B98B-9080-4DD2-841F-664EDE48D843",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69A23113-F7E1-4587-A4FF-A4AAB446A69D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7F4EB0-2C74-4045-B5A5-9D71A8BCC8C9",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2529662-8A54-4DFC-80E7-922CF22DE2F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7855CB23-DD12-499A-B684-3FB3C893A809",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E85585DA-C918-445B-9B44-B2B1A982A1F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47E66153-A0EE-49F7-B168-C953E390214E",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F9C184-3811-4A26-846D-54ECE7CF939F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A69E5B-2C69-4769-94EE-02C70F270928",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E682AA-05AD-483F-915F-A2B2C98233B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85AD2B76-0B4E-434D-89F3-690E13B61B3B",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB81CFD0-9558-47AB-96E4-CB21C1AA9159",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:meraki_z3c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42B92043-5436-4CA1-A297-DE88A5631BDC",
"versionEndExcluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6646F004-E0E0-4316-A022-2793C28FBCCC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59A19DB2-1E3A-40AC-B265-878E9B568E8C",
"versionEndExcluding": "11.0\\(6\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B261F994-59CA-45F1-ACAC-8F4E93C94C64",
"versionEndExcluding": "11.3\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C05A7CA6-AD58-45D7-AF32-129E22855D8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:3pcc:*:*",
"matchCriteriaId": "13D13E34-A8AA-46F4-A0E3-E79D4513EFFA",
"versionEndExcluding": "11.3\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:3pcc:*:*",
"matchCriteriaId": "77FC1162-9241-4605-8E0A-F9AC7F5F94E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E3B94C-BA7B-481A-AF4D-2FCF5E81D7B6",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A7F857-A3D7-43DA-8E94-FDA0EE542C39",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9BC28D-0BC0-45CB-A87B-59F407F3A210",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_room_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F052EA74-DB34-4FF0-9A55-4E117CAF7765",
"versionEndExcluding": "1.2\\(0\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_room_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0872EA42-38A9-45A5-94A6-747FEEE0E1D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_desk_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0DD3DA-5B3D-4435-990B-FF181130788B",
"versionEndExcluding": "1.2\\(0\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_desk_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14038A41-2C6F-4A1E-85A1-8692B9633C8F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_board_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75ED1FFC-A550-4F59-B4AE-FE8B0261E1AE",
"versionEndExcluding": "10.8.2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_board_series:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE3BDBD-4D85-4C2E-B02E-D7D71331AFC2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_wireless_phone_860_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C80751CD-A4EE-45F5-83B3-E5D24C274B98",
"versionEndExcluding": "1.4\\(0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_wireless_phone_860:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3CC529-4C57-4A21-8936-FD4222F2D350",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:webex_wireless_phone_840_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "336CF15F-5AD9-41FD-8606-1531F37FBE1E",
"versionEndExcluding": "1.4\\(0\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:webex_wireless_phone_840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "922CC404-372F-4F14-B820-67473C0938FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5778-1gy00-0ab0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "D5BDAE9A-9065-4CAE-8031-D294F31E2946",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5778-1gy00-0ab0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "B6D89D68-199F-42E2-84D0-97D3FF59F05F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5778-1gy00-0aa0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "0E2D01D5-2DE9-4AD9-93D9-9C44F08B2BEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5778-1gy00-0aa0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "21A17252-75C3-46B4-927A-124354169DC8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5721-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5A333C23-A56B-48F6-992E-3BF0BD93F730",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5721-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F941751F-76BB-4B0B-88B6-CFDBEA4FC2A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5721-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "867FE297-7913-43B1-AFF5-A4345FE7DF62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5721-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "EB4AEAD7-F842-4E6E-9F44-73356C1874AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5722-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "840CD560-0324-41FB-B51E-77AEEEDC86BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5722-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "B9CFC662-6AA7-4528-B7DF-1ABF16DF0DAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5722-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "2EB47ED3-1063-4A3F-B4BB-8671CE96E0B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5722-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "664E9B08-2FA7-4257-B4DA-E3BB510E1E7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5722-1fc00-0ac0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "E7DCBC95-FEC1-40B3-A81D-179FC97EFEBB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5722-1fc00-0ac0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "626DA25C-2DCA-4BFD-8A55-85BD1321D79F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5734-1fx00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "EF32DD9B-2036-49AD-9547-956CAE3CD785",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5734-1fx00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "54DFFDC5-6BB7-4C97-B531-E6FD3CC7A533",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5734-1fx00-0aa6_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "4B303C52-44D8-4AA6-87C7-2659F7C1610E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5734-1fx00-0aa6:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "7F935667-D4C4-45BE-9D39-9B7A40BD80A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5734-1fx00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "FF6314D0-5604-4CD1-8C5F-134AC492483E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5734-1fx00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5F103B12-A8CD-4B32-BFE3-940E3B4E7317",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5734-1fx00-0ab6_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "5B894E95-F49A-42ED-888D-4727F41F1A63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5734-1fx00-0ab6:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "6F7BFBE4-92CA-4D23-8136-605C83B7E66C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5738-1gy00-0aa0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "F083F822-DDE4-4D14-81F0-4EFD60DB13CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5738-1gy00-0aa0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "377B769F-0394-4E64-BF82-AAB8ADE562B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5738-1gy00-0ab0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "8BB35C1E-C9E7-4803-9AC1-ADFCBCA1052E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5738-1gy00-0ab0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "49160650-CDA3-4E4C-BE42-BB84EB19F7E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5748-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F6D3DD37-BAF7-4DBD-85D6-A6FEAE19DFFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5748-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "6E04CD9F-35B4-4E99-821F-D219980AE2CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5748-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "285EA838-3D9B-46EE-A9DB-9349500FC3D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5748-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "70DE2F72-4AB0-4D0C-AD1F-4D924CB6784C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5748-1gd00-0aa0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "362FFD56-CFBF-4F66-974F-41FEE79D15AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5748-1gd00-0aa0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "C34A9FA4-119C-4B3A-BA67-B7305ED073A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5748-1gd00-0ab0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "D5CD5D61-1DF5-4B1B-8F9B-8786563BE8E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5748-1gd00-0ab0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "8B7DAEE3-5390-4981-A577-991A42696AC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5761-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "2E784308-225C-4FD1-87AF-A2D052CD87A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5761-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "62F306FD-D399-4D3B-9F4A-6605B035DFE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5761-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "792D3327-54FF-4DF1-826C-670C2B91DAC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5761-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "4BE9B963-6B95-49DC-A499-3DE4DC269036",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fx00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "7EED502F-EBE4-4DED-822E-8CA310A354B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fx00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "3C8D09C4-AB99-498A-BDA9-20F040BA57B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fx00-0aa6_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "EEF16762-3BCD-4908-BDFC-EE1DC34023D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fx00-0aa6:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "3DAC6CD0-C5D8-4C87-BC35-93E49FDFB55B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fx00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "ADAF404C-8334-4754-90B6-5C1E6CCD1F76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fx00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "AAF3FA1B-6774-4AC1-B040-BE5815859FD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fx00-0ab6_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "92E3C47A-CCF6-4B3B-9B08-5D03186C817D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fx00-0ab6:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "EC1F4E15-3C06-4133-8435-1A76ACD6EF62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fy00-0ta0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "403F0AD8-E663-479C-A45B-352B257F0247",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fy00-0ta0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "21439D8A-680E-489E-A1E2-4C31B49E82BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5774-1fy00-0tb0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "DF180BB2-E8DD-4B9C-92C4-A8DD5EB83446",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5774-1fy00-0tb0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "A2C0E215-F905-4B16-9D80-81B440BA1F8F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5778-1gy00-0ta0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "9CD6B350-BA19-407D-9956-51D27A2E311C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5778-1gy00-0ta0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "EA5D4E3B-48CE-4C4A-A09E-FAEE74720091",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5778-1gy00-0tb0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "57ECC858-88F1-4456-B7ED-D3B1847F354C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5778-1gy00-0tb0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "5415EDBC-1FAB-486B-B874-B7D35860013F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "7CB72EAF-7D3E-4C4F-A72D-9D1D085EC32A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "889744B0-52CE-49BB-99BA-4B2B668DC3C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "3A12493B-2032-4F3A-A994-B502BF0EC814",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "774C7E40-0B01-4C1E-8EED-4E8A91B73E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-2fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "4E36CEFB-337C-4AD2-AAAC-43EF62E0E014",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-2fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "1E4695C5-F117-42A2-B3A2-50D4777EBA53",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-2fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "0C284514-F681-4B9E-9A1F-D3F7BE9B5C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-2fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "851ECBFD-AC30-46BD-82F9-267A11199D06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-2fc00-0ac0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "2F31CE93-B417-41B0-8060-3116347424A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-2fc00-0ac0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "DF581904-415F-4D9E-9A86-5342DE2FD4D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-2hc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F0306E3A-302F-4F70-8358-C13824F023E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-2hc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "75A4F315-14FB-4E93-B74D-9E52682A6B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5786-2hc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "0E5EAC53-E32C-41DB-A2ED-F7DDA8F1B49A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5786-2hc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "BB7605ED-2ABB-4206-8ABC-3C1C1999DF17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-1fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "F640E706-6912-4675-A3D8-B98374CB3324",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-1fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "8808A2F3-ECDE-46D3-AD0F-02BE2735A6BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-1fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "2BB7F4C9-E24F-420B-9DCA-9E7994E05971",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-1fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "ADB85459-E2D7-4ED4-A0CB-17B68061E250",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-1gd00-0aa0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "EA798D9C-36A3-41C8-B9FC-8123EC9BF452",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-1gd00-0aa0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "64284790-C465-410F-B871-B0226725DDDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-1gd00-0ab0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "C7290D90-688D-4BE7-8089-095959EEC46E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-1gd00-0ab0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "D5246D7B-63BF-48BC-A98D-5A0646FDE6DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2fc00-0aa0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "BC05A12F-5ADB-4AC4-BBA1-A319330340E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2fc00-0aa0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "54B39530-AE99-4BBA-8C59-FAC84DDEF33A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2fc00-0ab0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "34480D85-D445-41FF-B0FD-5D722A487F4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2fc00-0ab0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "634ADAA3-8F4A-44A5-BC88-1ED3F1EE61C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2fc00-0ac0_firmware:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "9474FF4F-F936-4E72-8482-5D1C9C49C890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2fc00-0ac0:-:*:*:*:*:*:rj45:*",
"matchCriteriaId": "317D4551-6400-4E4E-8AB4-9024E4BE72E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2gd00-0aa0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "73CB46CC-6647-4AAF-B3C8-042C776B8532",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2gd00-0aa0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "0C9A1C83-A000-456A-A443-ECCC4A5900DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2gd00-0ab0_firmware:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "55B91BF8-1086-4721-8829-3D017341A25A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2gd00-0ab0:-:*:*:*:*:*:m12:*",
"matchCriteriaId": "ED8212AE-EC38-4F46-84FB-042AE480E53A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2gd00-0ta0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "B94BFF37-65A3-4F80-81F4-85647B4C2441",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2gd00-0ta0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "9D9494C4-C03A-4B92-95B9-7D68FE604257",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2gd00-0tb0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "E4D701C5-F94E-4ECF-B0F2-477B7DF6630F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2gd00-0tb0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "EFEFA2DE-F621-41FA-AB8A-9DF1F3762311",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6gk5788-2gd00-0tc0_firmware:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "466CEF9A-C71A-41DC-AD74-21FBA163E97F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6gk5788-2gd00-0tc0:-:*:*:*:*:*:m12_ecc:*",
"matchCriteriaId": "B69D6A0A-EC16-41F1-A1E6-38FADD9A190D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en el controlador ALFA de Windows 10 versi\u00f3n 6.1316.1209 para AWUS036H. La implementaci\u00f3n de Wi-Fi no verifica la Comprobaci\u00f3n de Integridad del Mensaje (autenticidad) de las tramas TKIP fragmentadas. Un adversario puede abusar de esto para inyectar y posiblemente descifrar paquetes en redes WPA o WPA2 que admitan el protocolo de confidencialidad de datos TKIP"
}
],
"id": "CVE-2020-26141",
"lastModified": "2024-11-21T05:19:20.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-11T20:15:08.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.fragattacks.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C412D40-7E0A-4FF1-9D07-21117B915509",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2F31BA-AF80-4C21-9FD0-A0DB1D304024",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6158B805-6515-4DC3-AB76-1D2F7036492F",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8096985-5813-4098-BF38-FD09CB2ACBFA",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "327BB99F-F398-49C3-83A2-DE8392F13A51",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFD67F1-8FB1-4F27-8B97-59DF78DE41A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1021FD6B-50A7-40E1-8081-F7BD80777E75",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4960B1-22B4-4B3D-955E-684DA520A1A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEB6D52-F968-4D81-A0E0-F9E81CCBF1AF",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5809CA01-CF32-4E3A-A771-01D5065F0061",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E38A06CF-5C29-47EA-8E63-45DED1085864",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C05A7CA6-AD58-45D7-AF32-129E22855D8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_6871_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94AED70-743C-4764-A342-5503649852CF",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_6871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "864B486C-71F6-4EFD-8F04-BA7FC18DFD5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80C0B9B7-C7F6-4FF8-9CDD-F823516C0F31",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4A4B0F-3A7C-4EE9-A6ED-4C1E1C4AAD57",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE05ACF-E50D-478A-B24D-5DFDADAC14C1",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DB7E94-661F-4447-9338-1BCB46CCE665",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3968E7-EFA1-42FF-B62B-8D76B1F9AE70",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AF864D9-B587-4FCE-BEB2-9A1EC49DF8F7",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25CEB9EC-D645-4EFE-AAC3-8EAB120B654F",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "801FD445-7410-457C-98CC-F839427CEBD4",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21B5DDF7-4B8D-4E26-B816-1981F29B35AA",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE38659-4111-4D7D-8B6C-54B7D28EE5A9",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C25A9EF-0963-4BEA-9183-B21CA2871C03",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F64960C-05A6-4150-9307-8890F617B077",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1498AAB-2129-48F0-9985-60667F4484E4",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D85F9FDA-AA2E-4E40-A4C0-086ABA8CC238",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC48168-00E4-44F4-82A0-AB3A3F12E934",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6487419F-6DC3-4606-87B3-B429314E00D4",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C4E4FC-0B10-4447-8EF6-9D82C833DA20",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31CC8824-E700-4D80-9F96-5076D4DA7816",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8762CE-FDC4-4C8B-BA64-8867711CDB46",
"versionEndExcluding": "12.7\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECD950B5-786D-4C9C-BB33-3F9DF41891F6",
"versionEndExcluding": "11.3\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9495099-FC90-46E7-8B86-1BC8B9B055B5",
"versionEndExcluding": "10.3\\(1\\)sr6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "660475FD-8475-4968-9ED2-D83461B9A5D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_for_third-party_call_control_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5699693-DBEC-429F-B67E-0B1625818FAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831_for_third-party_call_control:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7AA843-E37E-42A0-BD4C-9710BDD50D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B20E2DFB-CBEB-4A0A-B099-3D5C7A973EC9",
"versionEndExcluding": "11.0\\(5\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A40EB66A-AEA5-449A-B025-996882A25DC9",
"versionEndExcluding": "11.0\\(5\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAE4C7-EADB-41A9-BE48-1A4F3D8D3D7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol para Cisco IP Phone, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo remotamente con privilegios root o causar una recarga de un tel\u00e9fono IP afectado. La vulnerabilidad es debido a una falta de comprobaciones cuando se procesan los mensajes de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete de Cisco Discovery Protocol dise\u00f1ado hacia el tel\u00e9fono IP apuntado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo remotamente con privilegios root o provocar una recarga de un tel\u00e9fono IP afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente)."
}
],
"id": "CVE-2020-3111",
"lastModified": "2024-11-21T05:30:20.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T18:15:10.783",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-14 05:15
Modified
2024-11-21 06:43
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html | Exploit, Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://seclists.org/fulldisclosure/2022/Jan/34 | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Jan/34 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E42261E2-07EC-416E-A65C-7D85584DED32",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9BC28D-0BC0-45CB-A87B-59F407F3A210",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38F67250-E4D0-48BE-928E-EF1BB4005940",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD40B5EB-D356-42D4-9464-67D0481460A9",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67895EA8-C707-4228-A8A2-4654E2B912CA",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F83ED1C8-1655-46EC-B1F5-4BD1D519057D",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41F875DA-AF0C-49CE-8BC5-DD1E0702FACF",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFACDCE6-95B3-45A7-86D3-18F3A78D5AF7",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "280BC438-AF6B-464B-A283-CE183C06E13B",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64E92C6B-5BA7-4C5F-B262-AE20F3951923",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E3B94C-BA7B-481A-AF4D-2FCF5E81D7B6",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A7F857-A3D7-43DA-8E94-FDA0EE542C39",
"versionEndExcluding": "14.1\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22846195-008E-4D1B-A0C3-3364B141EC5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "660475FD-8475-4968-9ED2-D83461B9A5D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conference_phone_8831_for_third-party_call_control_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5699693-DBEC-429F-B67E-0B1625818FAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conference_phone_8831_for_third-party_call_control:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7AA843-E37E-42A0-BD4C-9710BDD50D9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7945g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "361613B3-A977-4E2A-8D41-EDE85F1D9623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5980E646-CA07-4222-A9DD-A71306A4A678",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7965g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F52E0123-63EF-40FB-85B7-2C2838CBF3BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF30D1CC-D27F-49FF-9C63-BB890002D1C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_7975g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "415AE68B-E623-4B95-89CA-1F3C2C96A33C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA879B6-04D6-402A-8F38-8A7CB34D76F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_sip_phone_3905_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1B36FBC-7879-4AE5-8D28-2A5BE8C88356",
"versionEndExcluding": "9.4\\(1\\)sr5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_sip_phone_3905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14E1313A-F2D4-4F40-BC50-2D1BA2BBB4C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59A19DB2-1E3A-40AC-B265-878E9B568E8C",
"versionEndExcluding": "11.0\\(6\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "039BF626-1168-44E3-90E4-0C2BE311FA3E",
"versionEndExcluding": "11.0\\(6\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAE4C7-EADB-41A9-BE48-1A4F3D8D3D7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la arquitectura de almacenamiento de informaci\u00f3n de varios modelos de tel\u00e9fonos IP de Cisco podr\u00eda permitir a un atacante f\u00edsico no autenticado obtener informaci\u00f3n confidencial de un dispositivo afectado. Esta vulnerabilidad es debido al almacenamiento no cifrado de informaci\u00f3n confidencial en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al extraer f\u00edsicamente y acceder a uno de los chips de memoria flash. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante obtener informaci\u00f3n confidencial del dispositivo, que podr\u00eda ser usada para ataques posteriores"
}
],
"id": "CVE-2022-20660",
"lastModified": "2024-11-21T06:43:15.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-14T05:15:11.083",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}