Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for ip_conference_phone_8831_firmware by cisco

    CVE-2024-20445 (GCVE-0-2024-20445)

    Vulnerability from nvd – Published: 2024-11-06 16:29 – Updated: 2024-11-06 22:00
    VLAI
    Title
    Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
    Summary
    A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records. Note: Web Access is disabled by default.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Session Initiation Protocol (SIP) Software Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2 3rd Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7) MPP
    Affected: 9.3(4) 3rd Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3 3rd Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1) 3rd Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11) 3rd Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1 3rd Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9) 3rd Party
    Affected: 9.3(4)SR2 3rd Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 12.8(1)SR1
    Affected: 12.8(1)SR2
    Affected: 14.0(1)
    Affected: 14.0(1)SR1
    Affected: 10.3(1)SR7
    Affected: 14.0(1)SR2
    Affected: 14.1(1)
    Affected: 14.0(1)SR3
    Affected: 14.1(1)SR1
    Affected: 14.1(1)SR2
    Affected: 14.2(1)
    Affected: 14.2(1)SR1
    Affected: 14.1(1)SR3
    Affected: 14.2(1)SR2
    Affected: 3.1(1)
    Affected: 3.0(1)
    Affected: 14.2(1)SR3
    Affected: 3.1(1)SR1
    Create a notification for this product.
    cisco sip_ip_phone_software Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2_3rd_Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7)_MPP
    Affected: 9.3(4)_3rd_Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3_3rd_Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1)_3rd_Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11)_3rd_Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1_3rd_Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9)_3rd_Party
    Affected: 9.3(4)SR2_3rd_Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 12.8(1)SR1
    Affected: 12.8(1)SR2
    Affected: 14.0(1)
    Affected: 14.0(1)SR1
    Affected: 10.3(1)SR7
    Affected: 14.0(1)SR2
    Affected: 14.1(1)
    Affected: 14.0(1)SR3
    Affected: 14.1(1)SR1
    Affected: 14.1(1)SR2
    Affected: 14.2(1)
    Affected: 14.2(1)SR1
    Affected: 14.1(1)SR3
    Affected: 14.2(1)SR2
    Affected: 3.1(1)
    Affected: 3.0(1)
    Affected: 14.2(1)SR3
    Affected: 3.1(1)SR1
        cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sip_ip_phone_software",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "12.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "11.5(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(2)"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(2)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR4"
                  },
                  {
                    "status": "affected",
                    "version": "11.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.4(1)SR2_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "11.7(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "11.0(0.7)_MPP"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR3_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "11-0-1MSR1-1"
                  },
                  {
                    "status": "affected",
                    "version": "10.4(1)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "11.5(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "12.6(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1.11)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(3)"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR4b"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR1_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR5"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1.9)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1.9)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR2_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "12.6(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.7(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR6"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.7(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR7"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "3.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "3.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "3.1(1)SR1"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20445",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:23:46.067108Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T22:00:02.234Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(2)"
                },
                {
                  "status": "affected",
                  "version": "10.2(2)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.4(1)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "11.7(1)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(0.7) MPP"
                },
                {
                  "status": "affected",
                  "version": "9.3(4) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR3 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "11-0-1MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "10.4(1) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.11) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(3)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4b"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR1 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR5"
                },
                {
                  "status": "affected",
                  "version": "10.1(1.9)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.9) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR6"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR7"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "3.1(1)"
                },
                {
                  "status": "affected",
                  "version": "3.0(1)"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "3.1(1)SR1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.\r\nNote: Web Access is disabled by default."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:06.293Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-phone-infodisc-sbyqQVbG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-phone-infodisc-sbyqQVbG",
            "defects": [
              "CSCwk25862"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20445",
        "datePublished": "2024-11-06T16:29:06.293Z",
        "dateReserved": "2023-11-08T15:08:07.678Z",
        "dateUpdated": "2024-11-06T22:00:02.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20445 (GCVE-0-2024-20445)

    Vulnerability from cvelistv5 – Published: 2024-11-06 16:29 – Updated: 2024-11-06 22:00
    VLAI
    Title
    Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
    Summary
    A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records. Note: Web Access is disabled by default.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Session Initiation Protocol (SIP) Software Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2 3rd Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7) MPP
    Affected: 9.3(4) 3rd Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3 3rd Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1) 3rd Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11) 3rd Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1 3rd Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9) 3rd Party
    Affected: 9.3(4)SR2 3rd Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 12.8(1)SR1
    Affected: 12.8(1)SR2
    Affected: 14.0(1)
    Affected: 14.0(1)SR1
    Affected: 10.3(1)SR7
    Affected: 14.0(1)SR2
    Affected: 14.1(1)
    Affected: 14.0(1)SR3
    Affected: 14.1(1)SR1
    Affected: 14.1(1)SR2
    Affected: 14.2(1)
    Affected: 14.2(1)SR1
    Affected: 14.1(1)SR3
    Affected: 14.2(1)SR2
    Affected: 3.1(1)
    Affected: 3.0(1)
    Affected: 14.2(1)SR3
    Affected: 3.1(1)SR1
    Create a notification for this product.
    cisco sip_ip_phone_software Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2_3rd_Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7)_MPP
    Affected: 9.3(4)_3rd_Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3_3rd_Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1)_3rd_Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11)_3rd_Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1_3rd_Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9)_3rd_Party
    Affected: 9.3(4)SR2_3rd_Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 12.8(1)SR1
    Affected: 12.8(1)SR2
    Affected: 14.0(1)
    Affected: 14.0(1)SR1
    Affected: 10.3(1)SR7
    Affected: 14.0(1)SR2
    Affected: 14.1(1)
    Affected: 14.0(1)SR3
    Affected: 14.1(1)SR1
    Affected: 14.1(1)SR2
    Affected: 14.2(1)
    Affected: 14.2(1)SR1
    Affected: 14.1(1)SR3
    Affected: 14.2(1)SR2
    Affected: 3.1(1)
    Affected: 3.0(1)
    Affected: 14.2(1)SR3
    Affected: 3.1(1)SR1
        cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:sip_ip_phone_software:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sip_ip_phone_software",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "12.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "11.5(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(2)"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(2)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR4"
                  },
                  {
                    "status": "affected",
                    "version": "11.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.4(1)SR2_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "11.7(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "11.0(0.7)_MPP"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR3_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.2(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "11-0-1MSR1-1"
                  },
                  {
                    "status": "affected",
                    "version": "10.4(1)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "11.5(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "12.6(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1.11)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(3)"
                  },
                  {
                    "status": "affected",
                    "version": "12.5(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR4b"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR1_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR5"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1.9)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1.9)_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "9.3(4)SR2_3rd_Party"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "10.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.0(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "12.6(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.7(1)"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR6"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)"
                  },
                  {
                    "status": "affected",
                    "version": "12.7(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "12.8(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "10.3(1)SR7"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.0(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR1"
                  },
                  {
                    "status": "affected",
                    "version": "14.1(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR2"
                  },
                  {
                    "status": "affected",
                    "version": "3.1(1)"
                  },
                  {
                    "status": "affected",
                    "version": "3.0(1)"
                  },
                  {
                    "status": "affected",
                    "version": "14.2(1)SR3"
                  },
                  {
                    "status": "affected",
                    "version": "3.1(1)SR1"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20445",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:23:46.067108Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T22:00:02.234Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(2)"
                },
                {
                  "status": "affected",
                  "version": "10.2(2)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.4(1)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "11.7(1)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(0.7) MPP"
                },
                {
                  "status": "affected",
                  "version": "9.3(4) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR3 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "11-0-1MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "10.4(1) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.11) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(3)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4b"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR1 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR5"
                },
                {
                  "status": "affected",
                  "version": "10.1(1.9)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.9) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR6"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR7"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)"
                },
                {
                  "status": "affected",
                  "version": "14.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "14.1(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "3.1(1)"
                },
                {
                  "status": "affected",
                  "version": "3.0(1)"
                },
                {
                  "status": "affected",
                  "version": "14.2(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "3.1(1)SR1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.\r\nNote: Web Access is disabled by default."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:06.293Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-phone-infodisc-sbyqQVbG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-phone-infodisc-sbyqQVbG",
            "defects": [
              "CSCwk25862"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20445",
        "datePublished": "2024-11-06T16:29:06.293Z",
        "dateReserved": "2023-11-08T15:08:07.678Z",
        "dateUpdated": "2024-11-06T22:00:02.234Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }