CVE-2020-3360 (GCVE-0-2020-3360)

Vulnerability from cvelistv5 – Published: 2020-06-18 02:17 – Updated: 2024-11-15 17:05
VLAI?
Summary
A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.
Severity ?
5.3 (Medium)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
Assigner
References
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IP Phone 8800 Series Software Affected: n/a
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3360",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:21:10.982053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:05:37.576Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IP Phone 8800 Series Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-18T02:17:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
        }
      ],
      "source": {
        "advisory": "cisco-sa-phone-logs-2O7f7ExM",
        "defect": [
          [
            "CSCvt23310",
            "CSCvt27636",
            "CSCvt27637",
            "CSCvt27645"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-06-17T16:00:00",
          "ID": "CVE-2020-3360",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IP Phone 8800 Series Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-phone-logs-2O7f7ExM",
          "defect": [
            [
              "CSCvt23310",
              "CSCvt27636",
              "CSCvt27637",
              "CSCvt27645"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3360",
    "datePublished": "2020-06-18T02:17:03.642062Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:05:37.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6901_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"A9B5E567-41A0-4C9A-91A3-63EB5543F73F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6901:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12C78A9E-35FA-4CC7-B51F-25133B3D6DA9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6961_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"8B0A706C-5D52-4FF9-A7D0-D81B8D44A7A0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6961:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEDF755A-DFA2-4BCB-9A06-0A225B8F05B7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6945_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"9303F605-1F5D-4740-BE11-0A1176A68E80\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6945:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B3B667E-9019-4A33-9BB0-D15560EC4145\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6941_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"455F7CDE-B0C9-44B7-AD55-EA03B287A9DF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6941:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAD4832E-16D3-4E26-B8ED-D32F5CB83180\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6921_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"FB7A8AC1-6EF0-4FDC-8C18-3118F3F53C8B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6921:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B807519-7A91-4137-8B0D-0820C6299C13\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_6911_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"4CEC48E7-E9D8-406D-963C-06F5F2209423\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_6911:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F32CF4BC-40AD-4C9C-8787-2B7EAE2B3B5F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7832_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"552DA0C7-01D3-46E1-AC87-2CF41408EF0D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7832:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C42D5D4-E5BF-4668-81F0-9D76552E0DCE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7861_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"0CAED4E4-23FA-4B15-8138-8B79392FC666\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7861:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"045E3CD2-AC00-4BA7-A0B0-94D9ACF1F6CF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7841_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"0C60EC68-7A31-4CBB-BCC4-DD56299C6EEA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7841:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CAEF25F-B028-487D-B396-C33D5246D188\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7821_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"A0921726-02A0-47D0-9E40-E1E3DD6D5A22\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7821:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"182E3741-46FC-47D3-B075-772E87C8F80C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7811_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"C1EFB1A0-ED54-4586-9A10-E27A936AE6B6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7811:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6551539F-39C1-4CD6-92F3-FE330E92CC06\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7937g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"CE7BECC3-B86D-4669-8463-DAE35D406B1B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7937g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F69722C8-73F9-4989-817B-DF8F882676AD\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7975g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"F6D10125-025C-42B5-93D9-5A4FA79290C3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA879B6-04D6-402A-8F38-8A7CB34D76F4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7965g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"82C369BE-4A67-489B-9A26-AB00D4C4E409\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF30D1CC-D27F-49FF-9C63-BB890002D1C2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7962g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"CA428649-4098-4166-8ED3-4A1C707F00FB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7962g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8424EA40-BAEE-4503-A826-003C478D07F0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7961g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"57152C53-3445-4CDD-9C3F-DB0067611DAB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1B979DC-52B4-497E-9D7C-3D8F861E6E26\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7960g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"B10AA232-FF33-4062-977C-984D2E2CBF70\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7960g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DFA9051-62CB-4C7B-9C97-CD901DC778F0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7945g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"5D8A52F3-1D02-4D2F-A68D-276D065BD00B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5980E646-CA07-4222-A9DD-A71306A4A678\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7942g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"7E24932D-8F8E-4991-858D-246D5CD594B7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7942g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37232BAF-C3BD-45A3-B54F-3DA2E15F2FBD\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7941g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"79A195E8-4210-4F4A-B742-1C943DF5D2AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7519FF0-672E-430F-980D-53D2A851C78C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7940g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"34AC4FC0-1504-449C-86CC-1033D0BBD994\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7940g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84AEFB6F-3534-478A-97FF-C100A86A269E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7931g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"C2B814BA-710F-4E42-8EA0-F9B59B5E2A39\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7931g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0D51724-CA7C-4F8E-9C02-408A96E32860\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7911g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"CB2313E3-D3C9-4990-8657-05345C386759\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BF164BA-91F9-434B-9837-1B6E600A91AF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_7906g_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"F7EA3D2C-8327-4D0F-9AD8-3373AB3CCC53\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94B18568-30F5-40BF-96DB-589ED8D960F5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8811_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"2D8DA83E-9548-455E-BCFF-5238FB56BF48\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8811:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D96E5B04-7CFF-4DF9-A356-C015AD8F5536\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8841_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"15426BD5-25E2-43B6-9E6E-346F26E2AC1A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8841:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80B68502-F042-4094-BECB-0C59C3C6D07F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8845_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"33CD3FFF-1517-4EF7-AE38-F6DA836100AE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8845:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF629B3C-0874-4BC9-97F3-28A5A7AC8917\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8851_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"8CD08767-7F00-48E6-87A9-99FE9E2D96B9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8851:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37B37ABB-C273-47B1-B7B0-692280CC957B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8851nr_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"79C63F44-F1B6-47A3-900E-BA9B7A2EDAE3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8851nr:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B021B260-CD3C-4EA5-9A2C-FE80B4ACA787\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8861_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"118AE4A2-F0DB-4E0B-9998-A56711723D34\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8861:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BB9129D-607E-4227-984E-F0FC2F9047ED\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8865_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"27AFD285-F65F-4B09-97C1-082C953EFCB9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8865:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B01FB146-FB66-4251-8025-F38C49FE9CAC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8865nr_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"8399BC8F-6DCD-4A61-9E1B-FFA636BAD4C2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8865nr:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EB7D543-296F-44AE-9335-BF3244F21E55\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8961_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"25923E46-A572-4731-9EAA-3A3B52D83FD3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8961:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73338C3B-3AFA-4F64-B8C6-FDEBBBDCFD31\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8945_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"02037FE7-B885-4C3D-9516-8C8D32D168B9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8945:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"645668C0-1702-4EBE-AF4D-F73824AF4C41\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_8941_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"89E58087-9ABF-4BF6-BCC9-F7904593A5D6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_8941:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE80CCF2-84B6-409D-BED3-D1C3D8807D5F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_9971_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"486E6F8D-3563-42DF-86FA-34200B14FB2F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_9971:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBF7ABE8-03D3-4ACA-834A-89D37D5EBFB2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:unified_ip_phone_9951_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.8\\\\(1\\\\)\", \"matchCriteriaId\": \"4C416A15-52CB-4850-8C5B-E3E9C9087FB3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:unified_ip_phone_9951:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0B483E7-0B8D-480B-94B9-93F00AE91B4B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funcionalidad Web Access de Cisco IP Phones Series 7800 y Series 8800, podr\\u00eda permitir a un atacante remoto no autenticado visualizar informaci\\u00f3n confidencial sobre un dispositivo afectado. La vulnerabilidad es debido a controles de acceso inapropiados en la interfaz de administraci\\u00f3n basada en web de un dispositivo afectado. Un atacante podr\\u00eda explotar esta vulnerabilidad mediante el env\\u00edo de solicitudes maliciosas al dispositivo, lo que podr\\u00eda permitirle omitir las restricciones de acceso. Un ataque con \\u00e9xito podr\\u00eda permitir al atacante visualizar informaci\\u00f3n confidencial, incluyendo los registros de llamadas del dispositivo que contienen nombres, nombres de usuario y n\\u00fameros de tel\\u00e9fono de los usuarios del dispositivo\"}]",
      "id": "CVE-2020-3360",
      "lastModified": "2024-11-21T05:30:52.567",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-06-18T03:15:14.403",
      "references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-3360\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2020-06-18T03:15:14.403\",\"lastModified\":\"2024-11-21T05:30:52.567\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad Web Access de Cisco IP Phones Series 7800 y Series 8800, podr\u00eda permitir a un atacante remoto no autenticado visualizar informaci\u00f3n confidencial sobre un dispositivo afectado. La vulnerabilidad es debido a controles de acceso inapropiados en la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de solicitudes maliciosas al dispositivo, lo que podr\u00eda permitirle omitir las restricciones de acceso. Un ataque con \u00e9xito podr\u00eda permitir al atacante visualizar informaci\u00f3n confidencial, incluyendo los registros de llamadas del dispositivo que contienen nombres, nombres de usuario y n\u00fameros de tel\u00e9fono de los usuarios del dispositivo\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6901_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"A9B5E567-41A0-4C9A-91A3-63EB5543F73F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6901:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12C78A9E-35FA-4CC7-B51F-25133B3D6DA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6961_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"8B0A706C-5D52-4FF9-A7D0-D81B8D44A7A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6961:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEDF755A-DFA2-4BCB-9A06-0A225B8F05B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6945_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"9303F605-1F5D-4740-BE11-0A1176A68E80\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6945:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3B667E-9019-4A33-9BB0-D15560EC4145\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6941_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"455F7CDE-B0C9-44B7-AD55-EA03B287A9DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6941:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAD4832E-16D3-4E26-B8ED-D32F5CB83180\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6921_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"FB7A8AC1-6EF0-4FDC-8C18-3118F3F53C8B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6921:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B807519-7A91-4137-8B0D-0820C6299C13\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_6911_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"4CEC48E7-E9D8-406D-963C-06F5F2209423\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_6911:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32CF4BC-40AD-4C9C-8787-2B7EAE2B3B5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7832_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"552DA0C7-01D3-46E1-AC87-2CF41408EF0D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7832:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C42D5D4-E5BF-4668-81F0-9D76552E0DCE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7861_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"0CAED4E4-23FA-4B15-8138-8B79392FC666\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"045E3CD2-AC00-4BA7-A0B0-94D9ACF1F6CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7841_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"0C60EC68-7A31-4CBB-BCC4-DD56299C6EEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7841:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CAEF25F-B028-487D-B396-C33D5246D188\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7821_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"A0921726-02A0-47D0-9E40-E1E3DD6D5A22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7821:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182E3741-46FC-47D3-B075-772E87C8F80C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7811_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"C1EFB1A0-ED54-4586-9A10-E27A936AE6B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7811:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6551539F-39C1-4CD6-92F3-FE330E92CC06\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7937g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"CE7BECC3-B86D-4669-8463-DAE35D406B1B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7937g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F69722C8-73F9-4989-817B-DF8F882676AD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7975g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"F6D10125-025C-42B5-93D9-5A4FA79290C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7975g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA879B6-04D6-402A-8F38-8A7CB34D76F4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7965g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"82C369BE-4A67-489B-9A26-AB00D4C4E409\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7965g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF30D1CC-D27F-49FF-9C63-BB890002D1C2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7962g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"CA428649-4098-4166-8ED3-4A1C707F00FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7962g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8424EA40-BAEE-4503-A826-003C478D07F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7961g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"57152C53-3445-4CDD-9C3F-DB0067611DAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7961g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B979DC-52B4-497E-9D7C-3D8F861E6E26\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7960g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"B10AA232-FF33-4062-977C-984D2E2CBF70\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7960g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DFA9051-62CB-4C7B-9C97-CD901DC778F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7945g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"5D8A52F3-1D02-4D2F-A68D-276D065BD00B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7945g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5980E646-CA07-4222-A9DD-A71306A4A678\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7942g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"7E24932D-8F8E-4991-858D-246D5CD594B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7942g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37232BAF-C3BD-45A3-B54F-3DA2E15F2FBD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7941g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"79A195E8-4210-4F4A-B742-1C943DF5D2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7941g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7519FF0-672E-430F-980D-53D2A851C78C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7940g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"34AC4FC0-1504-449C-86CC-1033D0BBD994\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7940g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84AEFB6F-3534-478A-97FF-C100A86A269E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7931g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"C2B814BA-710F-4E42-8EA0-F9B59B5E2A39\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7931g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0D51724-CA7C-4F8E-9C02-408A96E32860\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7911g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"CB2313E3-D3C9-4990-8657-05345C386759\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7911g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BF164BA-91F9-434B-9837-1B6E600A91AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_7906g_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"F7EA3D2C-8327-4D0F-9AD8-3373AB3CCC53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_7906g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94B18568-30F5-40BF-96DB-589ED8D960F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8811_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"2D8DA83E-9548-455E-BCFF-5238FB56BF48\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8811:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D96E5B04-7CFF-4DF9-A356-C015AD8F5536\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8841_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"15426BD5-25E2-43B6-9E6E-346F26E2AC1A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8841:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80B68502-F042-4094-BECB-0C59C3C6D07F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8845_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"33CD3FFF-1517-4EF7-AE38-F6DA836100AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8845:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF629B3C-0874-4BC9-97F3-28A5A7AC8917\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8851_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"8CD08767-7F00-48E6-87A9-99FE9E2D96B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8851:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37B37ABB-C273-47B1-B7B0-692280CC957B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8851nr_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"79C63F44-F1B6-47A3-900E-BA9B7A2EDAE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8851nr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B021B260-CD3C-4EA5-9A2C-FE80B4ACA787\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8861_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"118AE4A2-F0DB-4E0B-9998-A56711723D34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8861:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB9129D-607E-4227-984E-F0FC2F9047ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8865_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"27AFD285-F65F-4B09-97C1-082C953EFCB9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8865:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B01FB146-FB66-4251-8025-F38C49FE9CAC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8865nr_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"8399BC8F-6DCD-4A61-9E1B-FFA636BAD4C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8865nr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EB7D543-296F-44AE-9335-BF3244F21E55\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8961_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"25923E46-A572-4731-9EAA-3A3B52D83FD3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8961:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73338C3B-3AFA-4F64-B8C6-FDEBBBDCFD31\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8945_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"02037FE7-B885-4C3D-9516-8C8D32D168B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8945:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"645668C0-1702-4EBE-AF4D-F73824AF4C41\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_8941_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"89E58087-9ABF-4BF6-BCC9-F7904593A5D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_8941:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE80CCF2-84B6-409D-BED3-D1C3D8807D5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_9971_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"486E6F8D-3563-42DF-86FA-34200B14FB2F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_9971:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF7ABE8-03D3-4ACA-834A-89D37D5EBFB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:unified_ip_phone_9951_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.8\\\\(1\\\\)\",\"matchCriteriaId\":\"4C416A15-52CB-4850-8C5B-E3E9C9087FB3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:unified_ip_phone_9951:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0B483E7-0B8D-480B-94B9-93F00AE91B4B\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\", \"name\": \"20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:30:58.207Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3360\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-15T16:21:10.982053Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T16:21:44.567Z\"}}], \"cna\": {\"title\": \"Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability\", \"source\": {\"defect\": [[\"CSCvt23310\", \"CSCvt27636\", \"CSCvt27637\", \"CSCvt27645\"]], \"advisory\": \"cisco-sa-phone-logs-2O7f7ExM\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IP Phone 8800 Series Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-06-17T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\", \"name\": \"20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-06-18T02:17:03\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"5.3\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}}, \"source\": {\"defect\": [[\"CSCvt23310\", \"CSCvt27636\", \"CSCvt27637\", \"CSCvt27645\"]], \"advisory\": \"cisco-sa-phone-logs-2O7f7ExM\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco IP Phone 8800 Series Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-logs-2O7f7ExM\", \"name\": \"20200617 Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. The vulnerability is due to improper access controls on the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending malicious requests to the device, which could allow the attacker to bypass access restrictions. A successful attack could allow the attacker to view sensitive information, including device call logs that contain names, usernames, and phone numbers of users of the device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-200\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3360\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IP Phones Series 7800 and Series 8800 Call Log Information Disclosure Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-06-17T16:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-3360\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T17:05:37.576Z\", \"dateReserved\": \"2019-12-12T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-06-18T02:17:03.642062Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.