All the vulnerabilites related to cisco - ip_phone_8800_firmware
Vulnerability from fkie_nvd
Published
2021-07-22 17:15
Modified
2024-11-21 06:08
Severity ?
Summary
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D455DEFE-21EB-4097-80DE-15E64D693B83",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_series_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFADE09-8296-4358-B7B2-3A1DB820F942",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A479FA93-5249-4BEE-8FC1-3C9BBC0F8AB4",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90C80E75-CE8A-48A7-9BA9-6F75DBC8DF30",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30778C3F-B616-428D-A53F-18C6345B8176",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD84FA6-82D0-4777-8FB9-9B2B09374B0A",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42F08B4A-7F01-4145-B410-0E85F1CE19D9",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8B2074-1F1E-4F03-BEAF-960DDA712592",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1888843-83FC-4DCC-9247-1128920DE996",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15DBBC70-588B-44F8-815B-A63CD19A892D",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E5F2C-ADBB-44A7-AAB3-8AF0CD186624",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AEBD7B8-B8E9-454C-814E-706D7F6A19F4",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5DB741-7AEC-4BA7-80BB-BC784F849C48",
"versionEndExcluding": "14.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_with_multiplatform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3583AE-9C80-4666-A71A-D2E0ACC0D620",
"versionEndExcluding": "11.3\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48D89E05-BD89-45E1-9D3C-FCC8B09A3D61",
"versionEndExcluding": "11.0\\(6\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de TrustZone en determinados firmware de Broadcom MediaxChange, podr\u00eda permitir a un atacante no autenticado y f\u00edsicamente pr\u00f3ximo lograr la ejecuci\u00f3n de c\u00f3digo arbitrario en el TrustZone Trusted Execution Environment (TEE) de un dispositivo afectado. Esto, por ejemplo, afecta a determinados productos Cisco IP Phone y Wireless IP Phone anteriores a 2021-07-07. Una explotaci\u00f3n es posible s\u00f3lo cuando el atacante puede desarmar el dispositivo para controlar el voltaje y corriente de los pines del chip"
}
],
"id": "CVE-2021-33478",
"lastModified": "2024-11-21T06:08:54.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-22T17:15:09.510",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto sin autenticar omita la autorizaci\u00f3n, acceda a servicios cr\u00edticos y provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad existe debido a que el software no sanea las URL antes de manejar las peticiones. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una URL manipulada. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante obtenga acceso a servicios cr\u00edticos y provoque una denegaci\u00f3n de servicio (DoS). La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series. Cisco IP Conference Phone 8831 no se ha visto afectado."
}
],
"id": "CVE-2019-1763",
"lastModified": "2024-11-21T04:37:19.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto autenticado escriba archivos arbitrarios en el sistema de archivos. La vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente y a permisos a nivel de archivo. Un atacante podr\u00eda explotar esta vulnerabilidad subiendo archivos inv\u00e1lidos a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir que el atacante escriba archivos en ubicaciones arbitrarias en el sistema de archivos. La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series."
}
],
"id": "CVE-2019-1765",
"lastModified": "2024-11-21T04:37:19.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.477",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto sin autenticar provoque un gran uso del disco, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad existe debido a que el software afectado no restringe el tama\u00f1o m\u00e1ximo de ciertos archivos que pueden escribirse en el disco. Un atacante que tenga credenciales de administrador v\u00e1lidas para un sistema afectado podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de conexi\u00f3n a un sistema afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante escriba un archivo que consume la mayor parte del espacio de disco disponible en el sistema, haciendo que las funciones de la aplicaci\u00f3n operen de forma anormal y conduciendo a una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una distribuci\u00f3n de SIP anterior a la 12.5(1)SR1."
}
],
"id": "CVE-2019-1766",
"lastModified": "2024-11-21T04:37:19.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.510",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-17 03:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/104202 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1040927 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104202 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040927 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8800_firmware | 9.4\(2\)sr4 | |
| cisco | ip_phone_8800_firmware | 10.3\(1\)sr4 | |
| cisco | ip_phone_8800 | - | |
| cisco | ip_phone_7800_firmware | * | |
| cisco | ip_phone_7800 | - | |
| cisco | ip_phone_7800_firmware | * | |
| cisco | ip_phone_7800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:9.4\\(2\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F47D1FC-4F02-4118-B9A8-CEAC06A9FAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:10.3\\(1\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "F63E0334-2895-410E-BCE9-95A73825AF8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00D16986-6C5D-4DF1-8B4C-107D7E715C62",
"versionEndExcluding": "12.1\\(1.12\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03D5F2-0483-409B-90F0-A1430774A258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B88BCB29-F97D-4CEE-B350-CC74F5046E66",
"versionEndExcluding": "12.1\\(1\\)mn130",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03D5F2-0483-409B-90F0-A1430774A258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de gesti\u00f3n de llamadas SIP (Session Initiation Protocol) de los tel\u00e9fonos Session Initiation Protocol de las series 7800 y 8800 podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) en un tel\u00e9fono afectado. La vulnerabilidad se debe a la validaci\u00f3n de entradas incorrecta de los par\u00e1metros SIP Session Description Protocol (SDP) mediante el analizador SDP de un tel\u00e9fono afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una un paquete SIP mal formado al tel\u00e9fono afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque que todas las llamadas de tel\u00e9fono activas en el tel\u00e9fono afectado se cuelguen mientras el proceso SIP se reinicia inesperadamente, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Cisco Bug IDs: CSCvf40066."
}
],
"id": "CVE-2018-0325",
"lastModified": "2024-11-21T03:37:58.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T03:29:00.810",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104202"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040927"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-21 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/107104 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107104 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89D9BF57-C162-41AD-9A1F-E5FAEB6236E5",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD7E41E-0B06-4BE2-8261-DD3E6CC1ADF7",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03D5F2-0483-409B-90F0-A1430774A258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "206B3B82-6BE3-4A83-82AC-1B8833B3C6CF",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6592E7FE-346E-4923-97C2-F5298DC802A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220D7909-9F20-477A-936B-DF18481981DC",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "039A38D4-3002-4302-95B3-76F101C9E83C",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A10DA5-A0BD-4E49-A08C-65163D51A912",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FF8A4E-D04D-4763-852F-7BB48582B74D",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70632BDA-2393-4C38-94FA-40622AFBFB37",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8710D204-9591-4979-9EE9-0CC57A6B022E",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDCA435-694F-45BD-BC3D-F6A4CD9514A2",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C9562-7698-4F77-8423-BE601C089DF1",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "569C0ABC-5507-4009-A1C0-C4A4E91B39A1",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B33943D1-224E-441D-A426-DABBAE047657",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1262C94-C8B0-4266-A369-6AA960F2FA78",
"versionEndExcluding": "12.6\\(1\\)mn80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol o en Link Layer Discovery Protocol (LLDP) en Cisco IP Phone 7800 and 8800 Series podr\u00eda permitir que un atacante adyacente no autenticado provoque que un tel\u00e9fono afectado se recargue inesperadamente, lo que resulta en una condici\u00f3n temporal de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la falta de una validaci\u00f3n de longitud de determinados campos de cabeceras de paquetes Cisco Discovery Protocol o LLDP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol o LLDP malicioso al tel\u00e9fono objetivo. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante consiga que el tel\u00e9fono afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) temporal. Todas las versiones anteriores a la 12.6(1)MN80 se ven afectadas."
}
],
"id": "CVE-2019-1684",
"lastModified": "2024-11-21T04:37:05.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-21T20:29:00.337",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107104"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF44E183-3663-4805-B8B5-DDD73B7D4BBB",
"versionEndExcluding": "11.0\\(4\\)sr3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C03FE12B-C853-4BD2-A2C6-E16714CCD582",
"versionEndExcluding": "11.0\\(4\\)sr3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2156412-18B6-4CA2-850D-E6C15EF2820B",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD555A01-346C-40E8-B956-1246095967AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_conferenece_phone_8831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBF37AF-9846-4550-B3DE-7ECE3DED4E63",
"versionEndExcluding": "10.3\\(1\\)sr5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_conferenece_phone_8831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7173A2F4-EE73-47AC-B920-F7C0F3E47EEB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de SIP (Session Initiation Protocol) de los tel\u00e9fonos Cisco IP de la serie 7800 podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario. La vulnerabilidad existe debido a que el software valida incorrectamente las entradas proporcionadas por el usuario durante la autenticaci\u00f3n de usuario. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose a un dispositivo afectado mediante HTTP y proporcionando credenciales maliciosas de usuario. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante desencadene la recarga de un dispositivo afectado, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS), o ejecute c\u00f3digo arbitrario con los privilegios del usuario de la app. Cisco solucion\u00f3 esta vulnerabilidad en los siguientes lanzamientos de software SIP: 10.3(1)SR5 y siguientes para Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 y siguientes para Cisco Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 y siguientes para el resto de Cisco IP Phone 7800 Series y 8800 Series."
}
],
"id": "CVE-2019-1716",
"lastModified": "2024-11-21T04:37:09.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.353",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2024-11-21 07:40
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3603E753-AD60-4AF0-8FA8-A371260CB0C1",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF03D5F2-0483-409B-90F0-A1430774A258",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40DA5ABA-C866-4560-BE21-77B2643E8DB6",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BABDE4DB-5BAA-448E-B009-D872FC515237",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCABEA0-842F-449C-BE24-4B1BDD32F9BF",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32D8B3FD-3157-49D3-A4BA-D4FAAB1B6D4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7667725-6B7B-4A04-890D-7487B58EC256",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "702F4804-A675-4222-9AAE-2C5EF7D99001",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02291A1F-29F1-4972-9CD9-E09116DF80C5",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8D7A6A-1279-42A9-9FE9-1F6C8F765D17",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4D6EB2-404C-48CD-9F24-4845A95BA0AE",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFDFD58-C58F-4967-9E85-6FAE66346E37",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5334C11E-B07E-49A5-95CA-536630CEA788",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF13D70B-1F27-4B3F-83FD-EF9688F1D123",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA83664-C710-4B45-B09F-3E29A2EB6638",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EA5C6B-243B-419A-9C60-1CDBD039C1D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C26834-45D8-4B0D-A08C-BE0594EEAB4F",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33C51A07-3C77-4DDC-9C4F-E5E3BE55268E",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2196ED9F-DA82-4D70-9BC2-97673A96B881",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBDA235-4866-4058-82F5-27297E1923BF",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9249A092-250D-4BB8-AEEA-3B2190246223",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phones_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A5CEB2-54CA-46D0-872D-90AAB39C9023",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phones_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B980D4B-63D0-4786-AD62-FFE49FED33FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_8851nr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18741BE2-B397-4F53-9845-4CB8AF7E65DD",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_8851nr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B021B260-CD3C-4EA5-9A2C-FE80B4ACA787",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:unified_ip_phone_8865nr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEC15D2-210D-49B1-898D-591AA318CC82",
"versionEndExcluding": "14.1\\(1\\)sr2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:unified_ip_phone_8865nr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB7D543-296F-44AE-9335-BF3244F21E55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "503FE588-7543-45A1-A742-4657A5CC2DE8",
"versionEndExcluding": "11.0\\(6\\)sr4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97DF354-7690-417E-B223-72C8BDA36DA7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:wireless_ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09F02957-0FED-4D40-B42D-529C0FCEF252",
"versionEndExcluding": "11.0\\(6\\)sr4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wireless_ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26CAE4C7-EADB-41A9-BE48-1A4F3D8D3D7A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los tel\u00e9fonos Cisco IP Phone de las series 7800 y 8800 podr\u00eda permitir que un atacante remoto no autenticado omita la autenticaci\u00f3n en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de administraci\u00f3n basada en web. Un exploit exitoso podr\u00eda permitir al atacante acceder a ciertas partes de la interfaz web que normalmente requerir\u00edan autenticaci\u00f3n."
}
],
"id": "CVE-2023-20018",
"lastModified": "2024-11-21T07:40:21.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-20T07:15:13.633",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-22 20:29
Modified
2024-11-21 04:37
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ip_phone_8821_firmware | * | |
| cisco | ip_phone_8821 | - | |
| cisco | ip_phone_8821-ex_firmware | * | |
| cisco | ip_phone_8821-ex | - | |
| cisco | ip_conference_phone_8832_firmware | * | |
| cisco | ip_conference_phone_8832 | - | |
| cisco | ip_phone_8800_firmware | * | |
| cisco | ip_phone_8800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3F2457-858E-40FA-85D1-6F7D2F159881",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36C99E0B-0383-4CB3-B325-EC0F3D57D39D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7964E7B4-DC9E-4278-9F0F-A992C4B0A9A1",
"versionEndExcluding": "11.0\\(5\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE56B858-B59D-4197-9B2A-33A03908B967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_conference_phone_8832_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A670F039-B178-4D87-A8E8-56A13C1D3900",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_conference_phone_8832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1010D16-DC6E-47A6-8BF9-C1026D975E3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ip_phone_8800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B45071-9689-4D89-AD75-5170DA2E7A29",
"versionEndExcluding": "12.5\\(1\\)sr1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ip_phone_8800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BBEA07-3154-4270-B865-D4AD26EB3B42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Session Initiation Protocol (SIP) en los tel\u00e9fonos Cisco IP 8800 Series podr\u00eda permitir que un atacante remoto sin autenticar lleve a cabo un ataque Cross-Site Request Forgery (CSRF). La vulnerabilidad se debe a la medidas de protecci\u00f3n contra CSRF insuficientes para la interfaz de administraci\u00f3n web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario autenticado de la interfaz siga un enlace manipulado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante realice acciones arbitrarias en un dispositivo objetivo mediante un navegador web y con los privilegios del usuario. La vulnerabilidad afecta a los productos Cisco IP Phone 8800 Series que ejecutan una versi\u00f3n de software SIP anterior a la 11.0(5) para Wireless IP Phone 8821 y 8821-EX; y 12.5(1)SR1 para IP Conference Phone 8832 y el resto de IP Phone 8800 Series. Cisco IP Conference Phone 8831 no se ha visto afectado."
}
],
"id": "CVE-2019-1764",
"lastModified": "2024-11-21T04:37:19.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-22T20:29:00.447",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-0325
Vulnerability from cvelistv5
Published
2018-05-17 03:00
Modified
2024-11-29 15:08
Severity ?
EPSS score ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040927 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/104202 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco IP Phone 7800 Series and 8800 Series |
Version: Cisco IP Phone 7800 Series and 8800 Series |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040927",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040927"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos"
},
{
"name": "104202",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104202"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:54.669040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:08:15.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 7800 Series and 8800 Series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IP Phone 7800 Series and 8800 Series"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-19T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040927",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040927"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos"
},
{
"name": "104202",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104202"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 7800 Series and 8800 Series",
"version": {
"version_data": [
{
"version_value": "Cisco IP Phone 7800 Series and 8800 Series"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to incomplete input validation of SIP Session Description Protocol (SDP) parameters by the SDP parser of an affected phone. An attacker could exploit this vulnerability by sending a malformed SIP packet to an affected phone. A successful exploit could allow the attacker to cause all active phone calls on the affected phone to be dropped while the SIP process on the phone unexpectedly restarts, resulting in a DoS condition. Cisco Bug IDs: CSCvf40066."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040927",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040927"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-ip-phone-dos"
},
{
"name": "104202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104202"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0325",
"datePublished": "2018-05-17T03:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T15:08:15.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1716
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-19 19:14
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Unified IP Conference Phone 8831 |
Version: unspecified < 10.3(1)SR5 |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:11.997153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:14:27.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified IP Conference Phone 8831",
"vendor": "Cisco",
"versions": [
{
"lessThan": "10.3(1)SR5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(4)SR3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Phone 7800 Series and 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:39",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce"
}
],
"source": {
"advisory": "cisco-sa-20190320-ip-phone-rce",
"defect": [
[
"CSCvn56168",
"CSCvn72540",
"CSCvo05687"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1716",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified IP Conference Phone 8831",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "10.3(1)SR5"
}
]
}
},
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(4)SR3"
}
]
}
},
{
"product_name": "Cisco IP Phone 7800 Series and 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco fixed this vulnerability in the following SIP Software releases: 10.3(1)SR5 and later for Cisco Unified IP Conference Phone 8831; 11.0(4)SR3 and later for Cisco Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 and later for the rest of the Cisco IP Phone 7800 Series and 8800 Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ip-phone-rce",
"defect": [
[
"CSCvn56168",
"CSCvn72540",
"CSCvo05687"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1716",
"datePublished": "2019-03-22T20:05:39.910639Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:14:27.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1764
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:54.512055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:07.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
],
"source": {
"advisory": "cisco-sa-20190320-ip-phone-csrf",
"defect": [
[
"CSCvn56221",
"CSCvo57629"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1764",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ip-phone-csrf",
"defect": [
[
"CSCvn56221",
"CSCvo57629"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1764",
"datePublished": "2019-03-22T20:05:29.129200Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:07.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-33478
Vulnerability from cvelistv5
Published
2021-07-22 16:53
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:42.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T16:53:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-33478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh",
"refsource": "MISC",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33478",
"datePublished": "2021-07-22T16:53:32",
"dateReserved": "2021-05-20T00:00:00",
"dateUpdated": "2024-08-03T23:50:42.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1765
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:59:55.624771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:42:16.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:23",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
],
"source": {
"advisory": "cisco-sa-20190320-ipptv",
"defect": [
[
"CSCvn56213",
"CSCvo57138"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1765",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Path Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level permissions. An attacker could exploit this vulnerability by uploading invalid files to an affected device. A successful exploit could allow the attacker to write files in arbitrary locations on the filesystem. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Path Traversal Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ipptv",
"defect": [
[
"CSCvn56213",
"CSCvo57138"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1765",
"datePublished": "2019-03-22T20:05:23.295708Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:42:16.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1763
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-19 19:14
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Wireless IP Phone 8821 and 8821-EX |
Version: unspecified < 11.0(5) |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1763",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:13.352795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:14:36.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Wireless IP Phone 8821 and 8821-EX",
"vendor": "Cisco",
"versions": [
{
"lessThan": "11.0(5)",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
],
"source": {
"advisory": "cisco-sa-20190320-ipab",
"defect": [
[
"CSCvn56175",
"CSCvo58414"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1763",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series Authorization Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Wireless IP Phone 8821 and 8821-EX",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "11.0(5)"
}
]
}
},
{
"product_name": "Cisco IP Conference Phone 8832 and the rest of the IP Phone 8800 Series",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to critical services and cause a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 11.0(5) for Wireless IP Phone 8821 and 8821-EX; and 12.5(1)SR1 for the IP Conference Phone 8832 and the rest of the IP Phone 8800 Series. Cisco IP Conference Phone 8831 is not affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ipab",
"defect": [
[
"CSCvn56175",
"CSCvo58414"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1763",
"datePublished": "2019-03-22T20:05:34.687309Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:14:36.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1766
Vulnerability from cvelistv5
Published
2019-03-22 20:05
Modified
2024-11-19 19:14
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP Phone 8800 Series Software |
Version: unspecified < 12.5(1)SR1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:25:14.813663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:14:46.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 8800 Series Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.5(1)SR1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-22T20:05:15",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190320 Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos"
}
],
"source": {
"advisory": "cisco-sa-20190320-ipfudos",
"defect": [
[
"CSCvo58440"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-03-20T16:00:00-0700",
"ID": "CVE-2019-1766",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 8800 Series Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.5(1)SR1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition. This vulnerability affects Cisco IP Phone 8800 Series products running a SIP Software release prior to 12.5(1)SR1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190320 Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos"
}
]
},
"source": {
"advisory": "cisco-sa-20190320-ipfudos",
"defect": [
[
"CSCvo58440"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1766",
"datePublished": "2019-03-22T20:05:15.753863Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:14:46.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1684
Vulnerability from cvelistv5
Published
2019-02-21 20:00
Modified
2024-11-21 19:45
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/107104 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IP Phone 8800 Series Software |
Version: unspecified < 12.6(1)MN80 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:41.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107104"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T19:00:28.716175Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:45:06.009Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 8800 Series Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "12.6(1)MN80",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-22T10:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107104"
}
],
"source": {
"advisory": "cisco-sa-20190220-cdp-lldp-dos",
"defect": [
[
"CSCvn47250"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-02-20T16:00:00-0800",
"ID": "CVE-2019-1684",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 8800 Series Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "12.6(1)MN80"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107104"
}
]
},
"source": {
"advisory": "cisco-sa-20190220-cdp-lldp-dos",
"defect": [
[
"CSCvn47250"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1684",
"datePublished": "2019-02-21T20:00:00Z",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-21T19:45:06.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20018
Vulnerability from cvelistv5
Published
2023-01-19 01:35
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Session Initiation Protocol (SIP) Software |
Version: 9.3(4) 3rd Party Version: 9.3(4)SR3 3rd Party Version: 9.3(4)SR1 3rd Party Version: 9.3(4)SR2 3rd Party Version: 11.0(3)SR3 Version: 11.0(2)SR1 Version: 11.5(1) Version: 11.0(5)SR2 Version: 11.0(2) Version: 11.7(1) Version: 11.0(4)SR3 Version: 11.0(0.7) MPP Version: 11.0(4)SR2 Version: 11.0(3)SR5 Version: 11.0(3)SR6 Version: 11.0(3) Version: 11.0(4)SR1 Version: 11.0(1) MPP Version: 11.0(4) Version: 11.0(3)SR4 Version: 11.0(5) Version: 11.0(3)SR1 Version: 11.0(5)SR1 Version: 11.0(3)SR2 Version: 11.0(2)SR2 Version: 11.0(1) Version: 11.5(1)SR1 Version: 11-0-1MSR1-1 Version: 10.4(1) 3rd Party Version: 10.3(1.11) 3rd Party Version: 10.2(2) Version: 10.2(1)SR1 Version: 10.1(1.9) Version: 10.1(1)SR2 Version: 10.2(1) Version: 10.1(1)SR1 Version: 10.4(1)SR2 3rd Party Version: 10.3(1) Version: 10.3(1)SR4b Version: 10.3(1)SR5 Version: 10.3(1.9) 3rd Party Version: 10.3(2) Version: 10.3(1)SR4 Version: 10.3(1)SR2 Version: 10.3(1)SR3 Version: 10.3(1)SR1 Version: 12.6(1) Version: 12.1(1) Version: 12.5(1)SR1 Version: 12.5(1)SR2 Version: 12.5(1) Version: 12.5(1)SR3 Version: 12.6(1)SR1 Version: 12.7(1) Version: 12.1(1)SR1 Version: 12.0(1) Version: 12.0(1)SR2 Version: 12.0(1)SR1 Version: 12.0(1)SR3 Version: 12.8(1) Version: 12.8(1)SR1 Version: 12.8(1)SR2 Version: 11.0(5)SR3 Version: 11.0(6) Version: 11.0(6)SR1 Version: 11.0(6)SR2 Version: 10.3(1)SR6 Version: 10.3(1)SR7 Version: 12.7(1)SR1 Version: 14.0(1)SR1 Version: 14.0(1) Version: 14.0(1)SR2 Version: 14.0(1)SR3 Version: 14.1(1) Version: 14.1(1)SR1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.975Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"defects": [
"CSCwc37223",
"CSCwc37234"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20018",
"datePublished": "2023-01-19T01:35:41.006Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}