All the vulnerabilites related to cisco - unified_ip_phone_7906g
Vulnerability from fkie_nvd
Published
2007-02-22 22:28
Modified
2024-11-21 00:27
Severity ?
Summary
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
References
cve@mitre.orghttp://osvdb.org/33064Broken Link
cve@mitre.orghttp://secunia.com/advisories/24262Vendor Advisory
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlVendor Advisory
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/22647Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/33064Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24262Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22647Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco unified_ip_phone_firmware_7906g 8.0\(4\)
cisco unified_ip_phone_7906g -
cisco unified_ip_phone_firmware_7911g 8.0\(4\)
cisco unified_ip_phone_7911g -
cisco unified_ip_phone_firmware_7941g 8.0\(4\)
cisco unified_ip_phone_7941g -
cisco unified_ip_phone_firmware_7961g 8.0\(4\)
cisco unified_ip_phone_7961g -
cisco unified_ip_phone_firmware_7970g 8.0\(4\)
cisco unified_ip_phone_7970g -
cisco unified_ip_phone_firmware_7971g 8.0\(4\)
cisco unified_ip_phone_7971g -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "23432284-A61D-4154-8F12-0BDD5CD5626C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "A79FC2D2-ADA6-40E7-B4BE-2D88EDAC3542",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "0F81336D-8BDD-48F4-AC57-65FF6977C4B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "0CBAB656-95DD-4F06-ABA9-F0440D100B66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F28146-B268-4B3F-A399-19CC422EBAB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C16DC-ED55-4879-8CF4-610BDDDAB86F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "C1C8D7BE-0997-47E8-80A3-1F6263B66B91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0ED520-140A-43C4-99F0-751C358F8CDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors.  NOTE: this issue can be leveraged remotely via CVE-2007-1063."
    },
    {
      "lang": "es",
      "value": "El interfaz de linea de comando (CLI) en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores permite a usuarios locales obtener privilegios o provocar denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: este asunto podr\u00eda estar apalancada remotamente a trav\u00e9s de CVE-2007-1063."
    }
  ],
  "id": "CVE-2007-1072",
  "lastModified": "2024-11-21T00:27:26.497",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-22T22:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/33064"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24262"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/33064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2012-12-28 11:48
Modified
2024-11-21 01:44
Severity ?
Summary
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary.
References
ykramarz@cisco.comhttp://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html
ykramarz@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone
af854a3a-2127-422b-91ae-364da2661108http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone
Impacted products
Vendor Product Version
cisco skinny_client_control_protocol_software *
cisco skinny_client_control_protocol_software 1.0\(1\)
cisco skinny_client_control_protocol_software 1.0\(2\)
cisco skinny_client_control_protocol_software 1.0\(2\)
cisco skinny_client_control_protocol_software 1.0\(3\)
cisco skinny_client_control_protocol_software 1.0\(4\)
cisco skinny_client_control_protocol_software 1.0\(5\)
cisco skinny_client_control_protocol_software 1.0\(9\)
cisco skinny_client_control_protocol_software 1.1\(1\)
cisco skinny_client_control_protocol_software 1.2\(1\)
cisco skinny_client_control_protocol_software 1.3\(1\)
cisco skinny_client_control_protocol_software 1.3\(2\)
cisco skinny_client_control_protocol_software 1.3\(3\)
cisco skinny_client_control_protocol_software 1.3\(4\)
cisco skinny_client_control_protocol_software 1.3\(4\)
cisco skinny_client_control_protocol_software 1.4\(1\)
cisco skinny_client_control_protocol_software 1.4\(2\)
cisco skinny_client_control_protocol_software 2.0\(0\)
cisco skinny_client_control_protocol_software 2.0\(1\)
cisco skinny_client_control_protocol_software 3.0
cisco skinny_client_control_protocol_software 3.0\(0\)
cisco skinny_client_control_protocol_software 3.0\(1\)
cisco skinny_client_control_protocol_software 3.0\(2\)
cisco skinny_client_control_protocol_software 3.1
cisco skinny_client_control_protocol_software 3.1\(1\)
cisco skinny_client_control_protocol_software 3.1\(2\)
cisco skinny_client_control_protocol_software 3.1\(3\)
cisco skinny_client_control_protocol_software 3.1\(4\)
cisco skinny_client_control_protocol_software 3.1\(6\)
cisco skinny_client_control_protocol_software 3.1\(10\)
cisco skinny_client_control_protocol_software 3.1\(11\)
cisco skinny_client_control_protocol_software 3.2
cisco skinny_client_control_protocol_software 3.2\(1\)
cisco skinny_client_control_protocol_software 3.2\(2\)
cisco skinny_client_control_protocol_software 3.2\(3\)
cisco skinny_client_control_protocol_software 3.2\(4\)
cisco skinny_client_control_protocol_software 3.2\(5\)
cisco skinny_client_control_protocol_software 3.2\(6\)
cisco skinny_client_control_protocol_software 3.2\(6a\)
cisco skinny_client_control_protocol_software 3.2\(7\)
cisco skinny_client_control_protocol_software 3.2\(8\)
cisco skinny_client_control_protocol_software 3.2\(9\)
cisco skinny_client_control_protocol_software 3.2\(10\)
cisco skinny_client_control_protocol_software 3.2\(11\)
cisco skinny_client_control_protocol_software 3.2\(12\)
cisco skinny_client_control_protocol_software 3.2\(13\)
cisco skinny_client_control_protocol_software 3.2\(14\)
cisco skinny_client_control_protocol_software 3.2\(15\)
cisco skinny_client_control_protocol_software 3.3\(2\)
cisco skinny_client_control_protocol_software 3.3\(3\)
cisco skinny_client_control_protocol_software 3.3\(4\)
cisco skinny_client_control_protocol_software 3.3\(5\)
cisco skinny_client_control_protocol_software 3.3\(6\)
cisco skinny_client_control_protocol_software 3.3\(7\)
cisco skinny_client_control_protocol_software 3.3\(8\)
cisco skinny_client_control_protocol_software 3.3\(9\)
cisco skinny_client_control_protocol_software 3.3\(10\)
cisco skinny_client_control_protocol_software 3.3\(11\)
cisco skinny_client_control_protocol_software 3.3\(12\)
cisco skinny_client_control_protocol_software 3.3\(13\)
cisco skinny_client_control_protocol_software 3.3\(14\)
cisco skinny_client_control_protocol_software 3.3\(15\)
cisco skinny_client_control_protocol_software 3.3\(16\)
cisco skinny_client_control_protocol_software 3.3\(20\)
cisco skinny_client_control_protocol_software 4.0\(0\)
cisco skinny_client_control_protocol_software 4.1\(2\)
cisco skinny_client_control_protocol_software 4.1\(3\)
cisco skinny_client_control_protocol_software 4.1\(4\)
cisco skinny_client_control_protocol_software 4.1\(5\)
cisco skinny_client_control_protocol_software 4.1\(6\)
cisco skinny_client_control_protocol_software 4.1\(7\)
cisco skinny_client_control_protocol_software 5.0\(0\)
cisco skinny_client_control_protocol_software 5.0\(1a\)
cisco skinny_client_control_protocol_software 5.0\(3\)
cisco skinny_client_control_protocol_software 5.0\(5\)
cisco skinny_client_control_protocol_software 5.0\(6\)
cisco skinny_client_control_protocol_software 5.0\(7\)
cisco skinny_client_control_protocol_software 6.0\(0\)
cisco skinny_client_control_protocol_software 6.0\(2\)
cisco skinny_client_control_protocol_software 6.0\(3\)
cisco skinny_client_control_protocol_software 6.0\(3\)
cisco skinny_client_control_protocol_software 6.0\(4\)
cisco skinny_client_control_protocol_software 6.0\(5\)
cisco skinny_client_control_protocol_software 6.1\(0\)
cisco skinny_client_control_protocol_software 6.1\(1\)
cisco skinny_client_control_protocol_software 7.0\(1\)
cisco skinny_client_control_protocol_software 7.0\(2\)
cisco skinny_client_control_protocol_software 7.0\(2\)
cisco skinny_client_control_protocol_software 7.0\(3\)
cisco skinny_client_control_protocol_software 7.1\(2\)
cisco skinny_client_control_protocol_software 7.2\(2\)
cisco skinny_client_control_protocol_software 7.2\(3\)
cisco skinny_client_control_protocol_software 7.2\(4\)
cisco skinny_client_control_protocol_software 8.0\(1\)
cisco skinny_client_control_protocol_software 8.0\(2\)
cisco skinny_client_control_protocol_software 8.0\(3\)
cisco skinny_client_control_protocol_software 8.0\(4\)
cisco skinny_client_control_protocol_software 8.0\(4\)
cisco skinny_client_control_protocol_software 8.0\(4\)
cisco skinny_client_control_protocol_software 8.0\(5\)
cisco skinny_client_control_protocol_software 8.0\(6\)
cisco skinny_client_control_protocol_software 8.0\(7\)
cisco skinny_client_control_protocol_software 8.0\(8\)
cisco skinny_client_control_protocol_software 8.0\(9\)
cisco skinny_client_control_protocol_software 8.0\(10\)
cisco skinny_client_control_protocol_software 8.1\(1\)
cisco skinny_client_control_protocol_software 8.1\(2\)
cisco skinny_client_control_protocol_software 8.2\(1\)
cisco skinny_client_control_protocol_software 8.2\(2\)
cisco skinny_client_control_protocol_software 8.2\(2\)
cisco skinny_client_control_protocol_software 8.2\(2\)
cisco skinny_client_control_protocol_software 8.2\(2\)
cisco skinny_client_control_protocol_software 8.3\(1\)
cisco skinny_client_control_protocol_software 8.3\(2\)
cisco skinny_client_control_protocol_software 8.3\(2\)
cisco skinny_client_control_protocol_software 8.3\(3\)
cisco skinny_client_control_protocol_software 8.3\(3\)
cisco skinny_client_control_protocol_software 8.3\(3\)
cisco skinny_client_control_protocol_software 8.3\(5\)
cisco skinny_client_control_protocol_software 8.4\(1\)
cisco skinny_client_control_protocol_software 8.4\(1\)
cisco skinny_client_control_protocol_software 8.4\(2\)
cisco skinny_client_control_protocol_software 8.4\(3\)
cisco skinny_client_control_protocol_software 8.4\(4\)
cisco skinny_client_control_protocol_software 8.5\(2\)
cisco skinny_client_control_protocol_software 8.5\(2\)
cisco skinny_client_control_protocol_software 8.5\(3\)
cisco skinny_client_control_protocol_software 8.5\(3\)
cisco skinny_client_control_protocol_software 8.5\(4\)
cisco skinny_client_control_protocol_software 8.70
cisco skinny_client_control_protocol_software 9.0\(2\)
cisco skinny_client_control_protocol_software 9.0\(2\)
cisco skinny_client_control_protocol_software 9.0\(3\)
cisco skinny_client_control_protocol_software 9.0\(3b\)
cisco skinny_client_control_protocol_software 9.1\(1\)
cisco skinny_client_control_protocol_software 9.1\(1\)
cisco skinny_client_control_protocol_software 9.1\(1\)
cisco skinny_client_control_protocol_software 9.2\(1\)
cisco skinny_client_control_protocol_software 9.2\(2\)
cisco unified_ip_phone 7906g
cisco unified_ip_phone 7911g
cisco unified_ip_phone 7935
cisco unified_ip_phone 7936
cisco unified_ip_phone 7940
cisco unified_ip_phone 7940g
cisco unified_ip_phone 7941g
cisco unified_ip_phone 7960
cisco unified_ip_phone 7960g
cisco unified_ip_phone 7961g
cisco unified_ip_phone 7970g
cisco unified_ip_phone 7971g
cisco unified_ip_phone_7906g 7911g
cisco unified_ip_phone_7906g 7941g
cisco unified_ip_phone_7906g 7961g
cisco unified_ip_phone_7906g 7970g
cisco unified_ip_phone_7906g 7971g


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF064230-C02E-4F62-97BE-CD9882DBD479",
              "versionEndIncluding": "9.2\\(4\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6280E194-FE86-474A-932D-AE354B94CEB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2444CB4D-7456-4793-9625-ED7260BB3B65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "9FBECF8A-ADE5-419C-9555-072F5B06AB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C960837C-CEE9-4C76-B991-9481A2B435C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B08CD7F6-E911-456B-85EF-D2B41404CA43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CAEAC202-D06A-4755-AE28-C9159A7A81AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.0\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6A5A2847-8201-409F-BEDD-E9EF4BC5FFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B8A81F19-81DC-421D-A56A-BED816549837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0A59EC96-7C90-4FE5-AD09-518C1426AC01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3922D4C4-3419-4404-97AD-12F4C48E6846",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FE1EA396-2F43-4328-BDEF-A3D09079AA40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0D074ED1-2825-40DD-B2D1-5BCBBAE01B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.3\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "57669D49-6E68-49AE-A9C5-C8DE0EB0A958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.3\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "CF399AEB-FEF5-476D-AE72-66E4A1FBFB4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "125B5726-00D8-4659-8CD3-51FB1FC15B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:1.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "96B08C41-1EBD-4BB9-ACE2-339F202C5900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:2.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1377BBE4-9DBB-4DC6-BAC1-EBB70FEF81B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:2.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFCA9D7-4C28-4179-AB6F-BC2224652307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF953655-CEF4-44C6-B160-958B473BD715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AE2B326C-12B5-4C49-9539-463025C98DD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A4CD97-C275-4BD2-B8DD-B77D2F5B0F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "476A19F8-C434-4516-BC54-FA4105A0D91B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09B13B3B-8486-4731-B847-618E3B5CEA5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3865DF2E-C10E-4D08-8E4B-2B0419A2E7D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DC573D9B-B404-4114-B20C-EAFFC17E789F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "19C7FD95-8859-4949-BD13-27A5C6962951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD895B6-0426-4745-B123-467F039ABB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "33B8CE79-536C-41B7-A4A1-B9A20CCA16DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76E5D981-50BE-4343-B276-927DCE1EDB1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.1\\(11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E071E7-B6C1-4114-A086-70FEEA2C8708",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A0B28F7-92B3-42BD-AE16-3AA274A146A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "718A1D71-5E2A-4AE8-95EF-EE40C56A51E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09F0153B-2308-459F-B229-B7ECFF283D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD86E8B0-E265-4430-B0F7-C927F512AAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "57FAA07B-ED2D-4AB8-9A1B-A0171CD1FD0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BCEFC47B-7A45-4463-84F2-810A403FA57F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "428FE8DD-EA2B-437A-9743-63FBC65988DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(6a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76D23CE5-CC41-4362-BE5F-B9A9CC0927E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F51D05-5AF8-4D09-B514-C3070C6882C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "651C8655-A582-4369-A577-0180F453A745",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A216D492-CF4C-481C-98EF-DF31A08F1D46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "97C1A6BA-D089-4FFA-B49E-B1F26DCCF840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "83BF1C31-D074-448B-8F59-5E95B0484EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A82AB2C6-0841-4D4D-8BA4-76429BBC54D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(13\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9760EC13-0088-49D2-8A81-7092CB4D30D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3CDA5224-3D1A-42BD-AE6E-9E300B0F9B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.2\\(15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09B6D133-971E-471C-8A64-71CF26A11021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CF686601-6ABB-4F32-B901-95DF37391956",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73513DB9-49C8-4F42-949D-D9F86B580D31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "91D4C364-279B-4C67-9283-3714E7D6B38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "49BCEEE7-BF82-4E01-ABCE-3CA26DD8589E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F80EA3-53BD-4B52-A214-9664C624D076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BEEB83-61A1-4220-9C5B-A89BE24ACAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "94C96460-C880-483D-9284-2DE1303B81C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F66A107-9CB7-4733-8EA8-D4F0B302ECC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "64752C75-574A-4F5A-AC57-1CA8D489D485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7AE98265-DB03-49B4-A350-891C3094B763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "10018552-62CB-407B-8537-69D88A3B939C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(13\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8C48BA3E-D5E3-4F00-83EF-56BED2F62D6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F9245949-323F-49A0-9107-D4045907E279",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "59FB8108-BF02-43A9-9F34-CBF9F0CCDA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC3EC09-A0E6-4DAB-AC2E-EA70EE527EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:3.3\\(20\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B69D060F-C29E-4C1A-97A0-AE4F5D2DCE8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "420077D0-B470-4D81-B045-5F01D6BC4510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD89E9A-21A4-4CB1-BCFA-61069B563E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BF50B8FC-81D0-40B1-B6C7-107063434F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D05CD6-BB15-413E-87CC-0FCCF65B8A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8176E3-2EC6-4913-A3FE-C1AD825644E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BA1404C4-0B0E-4DC9-84BE-58E1997CDBED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:4.1\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEEDD45-083C-40E2-BF64-42F3169DA594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "68AFE44A-B5D6-4226-B543-4F2AFC81B325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDA5D26-5770-4E04-A83C-BEC72D63EC9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DA6B9F1E-A05A-4298-B486-E198394CFA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5FA01848-0BC0-43D3-9217-1E93703537AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "51C5EE31-6775-4D17-BA53-EF86B6E3194F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:5.0\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AB6BB885-7EA3-43D5-979D-F52C9B177367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "772B9E67-F952-4CE1-BC90-F64FA0200004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(2\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "85F5A4DE-2F0F-405C-81BF-414B7AD7763B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "115D3DC6-EFA3-45ED-AC20-6A4D62CC0EA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(3\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "2BDB93D6-DE27-4942-82D0-CBD4DD79F951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "94AE6F39-8757-4A37-A727-7FF7D83DF736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED05DB1F-6FA9-454E-B7A2-D7C8DA8287D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.1\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6E2B55BE-A7A3-4177-85B6-60F3B9D69815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "651FD81E-1366-4063-A447-22E294891573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F33AA3-FCD3-452A-AF3B-03116285C798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9FD30D8F-CCFE-4083-85DC-8CFA752D5E84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.0\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "AEBCB775-BB7A-4F90-92B4-0C68052633F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3C1E7D-BD12-4075-AD5C-77E00DFDC906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B57955BA-2832-4E81-AE44-9270735A6D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A019DDDC-E804-4B2D-B964-6ECA74EA687B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A25D6C37-0C74-4028-BC11-35D24040D3A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:7.2\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F0221F9C-9523-473E-9FF2-ECB53DD21B43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3EAED02F-E537-438F-A8E1-6E59AB15640F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "25DD97A0-AE36-4DB8-8053-821B9D85CF1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8243BD9C-C96A-4C0B-9FF2-E7B658D41822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CF6ADB0-0E11-4FA8-9B5C-07E1A948CC84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "ACF28CB5-42AD-476A-8A4B-86B93F7BE5EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(4\\):sr3a:*:*:*:*:*:*",
              "matchCriteriaId": "18215EE7-7384-4CEE-B76F-F7EE3005DE96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8BBECFD9-6B52-4684-BD8C-17810FBE3C5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "208D8F53-4DC5-4433-97E7-DBA8F3E7C64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "445F973B-696F-41A5-8453-650EE60E077E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D558EE52-08DA-457F-9963-8ED3B4453649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ECAA4377-B354-424F-A3CB-0CB240A9FD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.0\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B033C4-D0D4-4F54-B194-70400C269558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "099E5CE4-FBE8-408F-A841-1ED04BE1052E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B44FF741-F9DA-441C-9A32-E60BE86A14DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8F45D8CD-3DBC-4323-AE47-5B1D0E50AC59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.2\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "3D52DFCD-A19E-4AD3-910A-B69D1912A466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.2\\(2\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "7B3F7913-DA92-45F3-B07B-C1234D66DA1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.2\\(2\\):sr3:*:*:*:*:*:*",
              "matchCriteriaId": "EB3B8A26-C420-41D4-9857-835450975293",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.2\\(2\\):sr4:*:*:*:*:*:*",
              "matchCriteriaId": "92700231-D9EC-4DEA-BD03-85941CBEB329",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "921A0760-61B3-4638-9832-1AFEB58F1391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E0C90630-055A-46AB-A1D6-34FFE79308D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "A4816823-C122-4A33-880E-476750188C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2ABBEAED-440B-4C07-A770-8E6EEA4515EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(3\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "BC009A50-5928-41EF-81F3-1AF8E21A3C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(3\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "FC36908D-D296-4B0B-A618-5F4B6625373A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.3\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1956D3D0-BEC7-4A4E-A55F-28132C2DFE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "103E5E79-348A-44EA-B7D5-227C5C3E0525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.4\\(1\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "481960DB-2DA7-4350-952D-4C6B7DFE77F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D5366114-385A-446E-9458-81FE3A004070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.4\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AEBB4320-84AA-4335-975E-F58101B1E0C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "28817920-CDB6-425D-8299-10FD9934CCD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.5\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB4ABDD-0489-431C-9191-3D08339959DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.5\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "D2890533-3892-4FE6-9400-568F8818EA51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.5\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2668948E-E796-43FC-A566-C49A77A15F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.5\\(3\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "9FFA6473-9FD4-40F5-A200-CA112883EEE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.5\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E6A64B-F25B-492C-8214-0FE52FC084F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:8.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "8962ADD0-45EE-4655-8E60-7601EEFA3902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.0\\(2\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "01192CB6-0737-450E-92B0-CF5ECFDF8328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.0\\(2\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "5FFF9124-18F2-4044-8928-91D6146C6F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3FDB83-6E4D-4E06-84D5-C5E5D2B14900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.0\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "039B99A7-FB9E-4967-AC20-0F1A1E518F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2C4AB40D-589E-42F6-B296-81D7B565A8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.1\\(1\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "F5D7BB9A-58EB-4B11-ACF2-08AF8EE62CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.1\\(1\\):sr2:*:*:*:*:*:*",
              "matchCriteriaId": "E83556CA-1759-4343-853D-3AFE997D1066",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BA376752-8664-404F-84F6-3423EDCAADDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:skinny_client_control_protocol_software:9.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A0848A60-767A-4F35-BED3-6A3F3580C994",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7906g:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A9A468-CAC3-4DC6-B839-557DBE8246D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7911g:*:*:*:*:*:*:*",
              "matchCriteriaId": "26830222-1503-4748-A104-334265D8F06F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7935:*:*:*:*:*:*:*",
              "matchCriteriaId": "19712324-A41D-49F1-AA74-3B30A731FF47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7936:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F9E1FE-4BD5-40B9-B239-B2185821A551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7940:*:*:*:*:*:*:*",
              "matchCriteriaId": "26BC4C08-16FD-4E27-AC7E-155E9CBAB808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7940g:*:*:*:*:*:*:*",
              "matchCriteriaId": "987BEE5F-5686-4B83-A6EF-903C86439BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7941g:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE61DF2-3D61-400F-BA70-B506412C9C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7960:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE292B7-DFC7-402C-BC10-9293D32B75B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7960g:*:*:*:*:*:*:*",
              "matchCriteriaId": "648AFF80-3F8B-4966-9899-530F498C8B3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7961g:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B76F56-31D4-4576-AC95-00AED498F25A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7970g:*:*:*:*:*:*:*",
              "matchCriteriaId": "2747DB12-83B9-40E4-9671-382E241C98EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone:7971g:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF0EBD01-E3AC-44C7-A03A-EDDBA18794C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:7911g:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E6424DE-B6C1-4270-B564-E189A0C88A53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:7941g:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A26A7F1-BB88-4B98-9A4A-DE6EC15F9602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:7961g:*:*:*:*:*:*:*",
              "matchCriteriaId": "7809EBA7-36DC-45B6-9CAD-15C24753F6D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:7970g:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3873130-9724-4799-8EF1-F963FEB725FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:7971g:*:*:*:*:*:*:*",
              "matchCriteriaId": "7047951B-CA4D-4F2E-98C5-4CE5E7BD4FF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary."
    },
    {
      "lang": "es",
      "value": "El kernel en Cisco Native Unix (CNU) en los dispositivos Cisco Unified IP Phone 7900 series (tambi\u00e9n conocidos como tel\u00e9fonos TNP) con software antes de v9.3.1-ES10 no valida correctamente algunas llamadas no especificados sistema, lo que permite a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (sobrescritura de memoria) a trav\u00e9s de un binario dise\u00f1ado para tal fin.\r\n"
    }
  ],
  "id": "CVE-2012-5445",
  "lastModified": "2024-11-21T01:44:41.100",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-12-28T11:48:44.673",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-06-07 21:29
Modified
2024-11-21 03:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/104445Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1041074Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/104445Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041074Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dosVendor Advisory
Impacted products
Vendor Product Version
cisco unified_ip_phone_firmware 9.9\(9.99002.1\)
cisco unified_ip_phone_9951 -
cisco unified_ip_phone_9971 -
cisco unified_ip_phone_firmware 9.9\(9.99002.1\)
cisco unified_ip_phone_7906g -
cisco unified_ip_phone_7911g -
cisco unified_ip_phone_7912g -
cisco unified_ip_phone_7931g -
cisco unified_ip_phone_7940g -
cisco unified_ip_phone_7941g -
cisco unified_ip_phone_7942g -
cisco unified_ip_phone_7945g -
cisco unified_ip_phone_7960g -
cisco unified_ip_phone_7961g -
cisco unified_ip_phone_7962g -
cisco unified_ip_phone_7965g -
cisco unified_ip_phone_7975g -
cisco ip_phone_firmware 9.4\(2\)sr3.1
cisco ip_phone_7811 -
cisco ip_phone_7821 -
cisco ip_phone_7841 -
cisco ip_phone_7861 -
cisco ip_phone_firmware 9.4\(2\)sr3.1
cisco ip_phone_8811 -
cisco ip_phone_8841 -
cisco ip_phone_8845 -
cisco ip_phone_8851 -
cisco ip_phone_8861 -
cisco ip_phone_8865 -
cisco ip_phone_firmware 9.4\(2\)sr4
cisco ip_phone_8811 -
cisco ip_phone_8841 -
cisco ip_phone_8845 -
cisco ip_phone_8851 -
cisco ip_phone_8861 -
cisco ip_phone_8865 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware:9.9\\(9.99002.1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3D7A0C-A65C-4AA3-99A8-91142783802C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_9951:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B483E7-0B8D-480B-94B9-93F00AE91B4B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_9971:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF7ABE8-03D3-4ACA-834A-89D37D5EBFB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware:9.9\\(9.99002.1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3D7A0C-A65C-4AA3-99A8-91142783802C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7912g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA43909C-9ED4-40B3-A179-48568BA5E4B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7931g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D51724-CA7C-4F8E-9C02-408A96E32860",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7940g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84AEFB6F-3534-478A-97FF-C100A86A269E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7942g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37232BAF-C3BD-45A3-B54F-3DA2E15F2FBD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5980E646-CA07-4222-A9DD-A71306A4A678",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7960g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFA9051-62CB-4C7B-9C97-CD901DC778F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7962g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8424EA40-BAEE-4503-A826-003C478D07F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF30D1CC-D27F-49FF-9C63-BB890002D1C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BA879B6-04D6-402A-8F38-8A7CB34D76F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ip_phone_firmware:9.4\\(2\\)sr3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCC90CA-7D61-4B77-BA39-D343E2A65A59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7260C17-7067-47AD-995F-366A5E8B10E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE7AFFF0-5B21-400B-B923-E9B7FCCE08FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CF8A50-11BD-4506-BF2A-CCA36BF59EFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E52C420C-FD54-4BE4-8720-E05307D53520",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ip_phone_firmware:9.4\\(2\\)sr3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCC90CA-7D61-4B77-BA39-D343E2A65A59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ip_phone_firmware:9.4\\(2\\)sr4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD6E0D0-6B8D-4C72-80F9-BF43EAD22CA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0CC3127-3152-4906-9FE0-BC6F21DCADAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7944CC9C-AE08-4F30-AF65-134DADBD0FA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A313E64A-F43C-4FBA-A389-6171CBD709C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF6DC5E-F582-445E-BF05-2D55A0954663",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "090EE553-01D5-45F0-87A4-E1167F46EB77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB99B9AB-64B5-4989-9579-A1BB5D2D87EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes entrantes SIP (Session Initiation Protocol) del software Cisco Unified IP Phone podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la falta de mecanismos de control de flujo en el software. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de grandes vol\u00famenes de tr\u00e1fico SIP INVITE al dispositivo objetivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que un atacante provoque una interrupci\u00f3n de los servicios en el tel\u00e9fono IP objetivo. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945."
    }
  ],
  "id": "CVE-2018-0332",
  "lastModified": "2024-11-21T03:37:59.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-07T21:29:00.400",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104445"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041074"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-02-22 01:28
Modified
2024-11-21 00:27
Severity ?
Summary
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
References
cve@mitre.orghttp://osvdb.org/45246Broken Link
cve@mitre.orghttp://secunia.com/advisories/24262Vendor Advisory
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlVendor Advisory
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/22647Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id?1017681Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0689Third Party Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/32627Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/45246Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24262Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22647Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017681Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0689Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/32627Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco unified_ip_phone_firmware_7906g 8.0\(4\)
cisco unified_ip_phone_7906g -
cisco unified_ip_phone_firmware_7911g 8.0\(4\)
cisco unified_ip_phone_7911g -
cisco unified_ip_phone_firmware_7941g 8.0\(4\)
cisco unified_ip_phone_7941g -
cisco unified_ip_phone_firmware_7961g 8.0\(4\)
cisco unified_ip_phone_7961g -
cisco unified_ip_phone_firmware_7970g 8.0\(4\)
cisco unified_ip_phone_7970g -
cisco unified_ip_phone_firmware_7971g 8.0\(4\)
cisco unified_ip_phone_7971g -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "23432284-A61D-4154-8F12-0BDD5CD5626C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "A79FC2D2-ADA6-40E7-B4BE-2D88EDAC3542",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "0F81336D-8BDD-48F4-AC57-65FF6977C4B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "0CBAB656-95DD-4F06-ABA9-F0440D100B66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "E9F28146-B268-4B3F-A399-19CC422EBAB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7970g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C16DC-ED55-4879-8CF4-610BDDDAB86F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\\(4\\):sr1:*:*:*:*:*:*",
              "matchCriteriaId": "C1C8D7BE-0997-47E8-80A3-1F6263B66B91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7971g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0ED520-140A-43C4-99F0-751C358F8CDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
    },
    {
      "lang": "es",
      "value": "El servidor SSH en Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G, con firmware 8.0(4)SR1 y anteriores, utiliza un nombre de usuario y contrase\u00f1a fuertemente codificada, lo cual permite a atacantes remotos acceder al dispositivo."
    }
  ],
  "id": "CVE-2007-1063",
  "lastModified": "2024-11-21T00:27:25.117",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-22T01:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/45246"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24262"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22647"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017681"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0689"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/45246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/22647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExMVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExMVendor Advisory
Impacted products
Vendor Product Version
cisco unified_ip_phone_6901_firmware *
cisco unified_ip_phone_6901 -
cisco unified_ip_phone_6961_firmware *
cisco unified_ip_phone_6961 -
cisco unified_ip_phone_6945_firmware *
cisco unified_ip_phone_6945 -
cisco unified_ip_phone_6941_firmware *
cisco unified_ip_phone_6941 -
cisco unified_ip_phone_6921_firmware *
cisco unified_ip_phone_6921 -
cisco unified_ip_phone_6911_firmware *
cisco unified_ip_phone_6911 -
cisco unified_ip_phone_7832_firmware *
cisco unified_ip_phone_7832 -
cisco unified_ip_phone_7861_firmware *
cisco unified_ip_phone_7861 -
cisco unified_ip_phone_7841_firmware *
cisco unified_ip_phone_7841 -
cisco unified_ip_phone_7821_firmware *
cisco unified_ip_phone_7821 -
cisco unified_ip_phone_7811_firmware *
cisco unified_ip_phone_7811 -
cisco unified_ip_phone_7937g_firmware *
cisco unified_ip_phone_7937g -
cisco unified_ip_phone_7975g_firmware *
cisco unified_ip_phone_7975g -
cisco unified_ip_phone_7965g_firmware *
cisco unified_ip_phone_7965g -
cisco unified_ip_phone_7962g_firmware *
cisco unified_ip_phone_7962g -
cisco unified_ip_phone_7961g_firmware *
cisco unified_ip_phone_7961g -
cisco unified_ip_phone_7960g_firmware *
cisco unified_ip_phone_7960g -
cisco unified_ip_phone_7945g_firmware *
cisco unified_ip_phone_7945g -
cisco unified_ip_phone_7942g_firmware *
cisco unified_ip_phone_7942g -
cisco unified_ip_phone_7941g_firmware *
cisco unified_ip_phone_7941g -
cisco unified_ip_phone_7940g_firmware *
cisco unified_ip_phone_7940g -
cisco unified_ip_phone_7931g_firmware *
cisco unified_ip_phone_7931g -
cisco unified_ip_phone_7911g_firmware *
cisco unified_ip_phone_7911g -
cisco unified_ip_phone_7906g_firmware *
cisco unified_ip_phone_7906g -
cisco unified_ip_phone_8811_firmware *
cisco unified_ip_phone_8811 -
cisco unified_ip_phone_8841_firmware *
cisco unified_ip_phone_8841 -
cisco unified_ip_phone_8845_firmware *
cisco unified_ip_phone_8845 -
cisco unified_ip_phone_8851_firmware *
cisco unified_ip_phone_8851 -
cisco unified_ip_phone_8851nr_firmware *
cisco unified_ip_phone_8851nr -
cisco unified_ip_phone_8861_firmware *
cisco unified_ip_phone_8861 -
cisco unified_ip_phone_8865_firmware *
cisco unified_ip_phone_8865 -
cisco unified_ip_phone_8865nr_firmware *
cisco unified_ip_phone_8865nr -
cisco unified_ip_phone_8961_firmware *
cisco unified_ip_phone_8961 -
cisco unified_ip_phone_8945_firmware *
cisco unified_ip_phone_8945 -
cisco unified_ip_phone_8941_firmware *
cisco unified_ip_phone_8941 -
cisco unified_ip_phone_9971_firmware *
cisco unified_ip_phone_9971 -
cisco unified_ip_phone_9951_firmware *
cisco unified_ip_phone_9951 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6901_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B5E567-41A0-4C9A-91A3-63EB5543F73F",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12C78A9E-35FA-4CC7-B51F-25133B3D6DA9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6961_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0A706C-5D52-4FF9-A7D0-D81B8D44A7A0",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6961:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEDF755A-DFA2-4BCB-9A06-0A225B8F05B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6945_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9303F605-1F5D-4740-BE11-0A1176A68E80",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6945:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3B667E-9019-4A33-9BB0-D15560EC4145",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6941_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "455F7CDE-B0C9-44B7-AD55-EA03B287A9DF",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6941:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD4832E-16D3-4E26-B8ED-D32F5CB83180",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6921_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7A8AC1-6EF0-4FDC-8C18-3118F3F53C8B",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6921:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B807519-7A91-4137-8B0D-0820C6299C13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_6911_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CEC48E7-E9D8-406D-963C-06F5F2209423",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_6911:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32CF4BC-40AD-4C9C-8787-2B7EAE2B3B5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7832_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "552DA0C7-01D3-46E1-AC87-2CF41408EF0D",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7832:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C42D5D4-E5BF-4668-81F0-9D76552E0DCE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7861_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CAED4E4-23FA-4B15-8138-8B79392FC666",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "045E3CD2-AC00-4BA7-A0B0-94D9ACF1F6CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7841_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C60EC68-7A31-4CBB-BCC4-DD56299C6EEA",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7841:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAEF25F-B028-487D-B396-C33D5246D188",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7821_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0921726-02A0-47D0-9E40-E1E3DD6D5A22",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7821:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "182E3741-46FC-47D3-B075-772E87C8F80C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7811_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EFB1A0-ED54-4586-9A10-E27A936AE6B6",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7811:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6551539F-39C1-4CD6-92F3-FE330E92CC06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7937g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7BECC3-B86D-4669-8463-DAE35D406B1B",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7937g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69722C8-73F9-4989-817B-DF8F882676AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7975g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D10125-025C-42B5-93D9-5A4FA79290C3",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BA879B6-04D6-402A-8F38-8A7CB34D76F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7965g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C369BE-4A67-489B-9A26-AB00D4C4E409",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF30D1CC-D27F-49FF-9C63-BB890002D1C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7962g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA428649-4098-4166-8ED3-4A1C707F00FB",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7962g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8424EA40-BAEE-4503-A826-003C478D07F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7961g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57152C53-3445-4CDD-9C3F-DB0067611DAB",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B979DC-52B4-497E-9D7C-3D8F861E6E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7960g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10AA232-FF33-4062-977C-984D2E2CBF70",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7960g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DFA9051-62CB-4C7B-9C97-CD901DC778F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7945g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8A52F3-1D02-4D2F-A68D-276D065BD00B",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5980E646-CA07-4222-A9DD-A71306A4A678",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7942g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E24932D-8F8E-4991-858D-246D5CD594B7",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7942g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37232BAF-C3BD-45A3-B54F-3DA2E15F2FBD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7941g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A195E8-4210-4F4A-B742-1C943DF5D2AF",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7519FF0-672E-430F-980D-53D2A851C78C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7940g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34AC4FC0-1504-449C-86CC-1033D0BBD994",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7940g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84AEFB6F-3534-478A-97FF-C100A86A269E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7931g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B814BA-710F-4E42-8EA0-F9B59B5E2A39",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7931g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D51724-CA7C-4F8E-9C02-408A96E32860",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7911g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2313E3-D3C9-4990-8657-05345C386759",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BF164BA-91F9-434B-9837-1B6E600A91AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_7906g_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EA3D2C-8327-4D0F-9AD8-3373AB3CCC53",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94B18568-30F5-40BF-96DB-589ED8D960F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8811_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D8DA83E-9548-455E-BCFF-5238FB56BF48",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8811:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D96E5B04-7CFF-4DF9-A356-C015AD8F5536",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8841_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15426BD5-25E2-43B6-9E6E-346F26E2AC1A",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8841:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B68502-F042-4094-BECB-0C59C3C6D07F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8845_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33CD3FFF-1517-4EF7-AE38-F6DA836100AE",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8845:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF629B3C-0874-4BC9-97F3-28A5A7AC8917",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8851_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD08767-7F00-48E6-87A9-99FE9E2D96B9",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8851:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B37ABB-C273-47B1-B7B0-692280CC957B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8851nr_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C63F44-F1B6-47A3-900E-BA9B7A2EDAE3",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8851nr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B021B260-CD3C-4EA5-9A2C-FE80B4ACA787",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8861_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "118AE4A2-F0DB-4E0B-9998-A56711723D34",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8861:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB9129D-607E-4227-984E-F0FC2F9047ED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8865_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27AFD285-F65F-4B09-97C1-082C953EFCB9",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8865:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B01FB146-FB66-4251-8025-F38C49FE9CAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8865nr_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8399BC8F-6DCD-4A61-9E1B-FFA636BAD4C2",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8865nr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB7D543-296F-44AE-9335-BF3244F21E55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8961_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25923E46-A572-4731-9EAA-3A3B52D83FD3",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8961:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73338C3B-3AFA-4F64-B8C6-FDEBBBDCFD31",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8945_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02037FE7-B885-4C3D-9516-8C8D32D168B9",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8945:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "645668C0-1702-4EBE-AF4D-F73824AF4C41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_8941_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89E58087-9ABF-4BF6-BCC9-F7904593A5D6",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_8941:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE80CCF2-84B6-409D-BED3-D1C3D8807D5F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_9971_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "486E6F8D-3563-42DF-86FA-34200B14FB2F",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_9971:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF7ABE8-03D3-4ACA-834A-89D37D5EBFB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_ip_phone_9951_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C416A15-52CB-4850-8C5B-E3E9C9087FB3",
              "versionEndIncluding": "12.8\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_ip_phone_9951:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B483E7-0B8D-480B-94B9-93F00AE91B4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad Web Access de Cisco IP Phones Series 7800 y Series 8800, podr\u00eda permitir a un atacante remoto no autenticado visualizar informaci\u00f3n confidencial sobre un dispositivo afectado. La vulnerabilidad es debido a controles de acceso inapropiados en la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de solicitudes maliciosas al dispositivo, lo que podr\u00eda permitirle omitir las restricciones de acceso. Un ataque con \u00e9xito podr\u00eda permitir al atacante visualizar informaci\u00f3n confidencial, incluyendo los registros de llamadas del dispositivo que contienen nombres, nombres de usuario y n\u00fameros de tel\u00e9fono de los usuarios del dispositivo"
    }
  ],
  "id": "CVE-2020-3360",
  "lastModified": "2024-11-21T05:30:52.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-06-18T03:15:14.403",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2012-5445
Vulnerability from cvelistv5
Published
2012-12-28 11:00
Modified
2024-08-06 21:05
Severity ?
Summary
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary.
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphonevendor-advisory, x_refsource_CISCO
http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:05:47.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20130109 Cisco Unified IP Phones Local Kernel System Call Input Validation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-12-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-07T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20130109 Cisco Unified IP Phones Local Kernel System Call Input Validation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-5445",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130109 Cisco Unified IP Phones Local Kernel System Call Input Validation Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone"
            },
            {
              "name": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html",
              "refsource": "MISC",
              "url": "http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2012-5445",
    "datePublished": "2012-12-28T11:00:00",
    "dateReserved": "2012-10-17T00:00:00",
    "dateUpdated": "2024-08-06T21:05:47.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3360
Vulnerability from cvelistv5
Published
2020-06-18 02:17
Modified
2024-11-15 17:05
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExMvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3360",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:10.982053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:05:37.576Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IP Phone 8800 Series Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-18T02:17:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-phone-logs-2O7f7ExM",
        "defect": [
          [
            "CSCvt23310",
            "CSCvt27636",
            "CSCvt27637",
            "CSCvt27645"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-06-17T16:00:00",
          "ID": "CVE-2020-3360",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IP Phone 8800 Series Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-phone-logs-2O7f7ExM",
          "defect": [
            [
              "CSCvt23310",
              "CSCvt27636",
              "CSCvt27637",
              "CSCvt27645"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3360",
    "datePublished": "2020-06-18T02:17:03.642062Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:05:37.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1063
Vulnerability from cvelistv5
Published
2007-02-22 01:00
Modified
2024-08-07 12:43
Severity ?
Summary
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/32627vdb-entry, x_refsource_XF
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlvendor-advisory, x_refsource_CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlvendor-advisory, x_refsource_CISCO
http://osvdb.org/45246vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/24262third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0689vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/22647vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1017681vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:43:22.505Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-unified-ip-phone-default-user-account(32627)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
          },
          {
            "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
          },
          {
            "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
          },
          {
            "name": "45246",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/45246"
          },
          {
            "name": "24262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24262"
          },
          {
            "name": "ADV-2007-0689",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0689"
          },
          {
            "name": "22647",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22647"
          },
          {
            "name": "1017681",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017681"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "cisco-unified-ip-phone-default-user-account(32627)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
        },
        {
          "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
        },
        {
          "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
        },
        {
          "name": "45246",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/45246"
        },
        {
          "name": "24262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24262"
        },
        {
          "name": "ADV-2007-0689",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0689"
        },
        {
          "name": "22647",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22647"
        },
        {
          "name": "1017681",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017681"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "cisco-unified-ip-phone-default-user-account(32627)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32627"
            },
            {
              "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
            },
            {
              "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
            },
            {
              "name": "45246",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/45246"
            },
            {
              "name": "24262",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24262"
            },
            {
              "name": "ADV-2007-0689",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0689"
            },
            {
              "name": "22647",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22647"
            },
            {
              "name": "1017681",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017681"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1063",
    "datePublished": "2007-02-22T01:00:00",
    "dateReserved": "2007-02-21T00:00:00",
    "dateUpdated": "2024-08-07T12:43:22.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1072
Vulnerability from cvelistv5
Published
2007-02-22 22:00
Modified
2024-08-07 12:43
Severity ?
Summary
The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063.
References
http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlvendor-advisory, x_refsource_CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlvendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/24262third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/22647vdb-entry, x_refsource_BID
http://osvdb.org/33064vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:43:22.545Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
          },
          {
            "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
          },
          {
            "name": "24262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24262"
          },
          {
            "name": "22647",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22647"
          },
          {
            "name": "33064",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/33064"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors.  NOTE: this issue can be leveraged remotely via CVE-2007-1063."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
        },
        {
          "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
        },
        {
          "name": "24262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24262"
        },
        {
          "name": "22647",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22647"
        },
        {
          "name": "33064",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/33064"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1072",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors.  NOTE: this issue can be leveraged remotely via CVE-2007-1063."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml"
            },
            {
              "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml"
            },
            {
              "name": "24262",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24262"
            },
            {
              "name": "22647",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22647"
            },
            {
              "name": "33064",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/33064"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1072",
    "datePublished": "2007-02-22T22:00:00",
    "dateReserved": "2007-02-22T00:00:00",
    "dateUpdated": "2024-08-07T12:43:22.545Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0332
Vulnerability from cvelistv5
Published
2018-06-07 21:00
Modified
2024-11-29 15:05
Severity ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945.
References
http://www.securityfocus.com/bid/104445vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dosx_refsource_CONFIRM
http://www.securitytracker.com/id/1041074vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "104445",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104445"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos"
          },
          {
            "name": "1041074",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041074"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0332",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:43:46.497266Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:05:00.083Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified IP Phone Software unknown",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Unified IP Phone Software unknown"
            }
          ]
        }
      ],
      "datePublic": "2018-06-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-14T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "104445",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104445"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos"
        },
        {
          "name": "1041074",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041074"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0332",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Unified IP Phone Software unknown",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Unified IP Phone Software unknown"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "104445",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104445"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ip-phone-dos"
            },
            {
              "name": "1041074",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041074"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0332",
    "datePublished": "2018-06-07T21:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:05:00.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}