Search criteria
24 vulnerabilities found for ip_phone_8832_firmware by cisco
CVE-2025-20351 (GCVE-0-2025-20351)
Vulnerability from nvd – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:43
VLAI?
Title
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.
This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 Affected: 14.3(1)SR2 Affected: 14.3(1)SR3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:41:21.666555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:43:25.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
},
{
"status": "affected",
"version": "14.3(1)SR2"
},
{
"status": "affected",
"version": "14.3(1)SR3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:18.666Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51683"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20351",
"datePublished": "2025-10-15T16:15:18.666Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:43:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20350 (GCVE-0-2025-20350)
Vulnerability from nvd – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:42
VLAI?
Title
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
7.5 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:42:26.123690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:42:59.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:10.244Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51601"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20350",
"datePublished": "2025-10-15T16:15:10.244Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:42:59.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20079 (GCVE-0-2023-20079)
Vulnerability from nvd – Published: 2023-03-03 00:00 – Updated: 2024-10-28 16:33
VLAI?
Title
Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities
Summary
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:27:14.331307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:33:33.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-03T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-cmd-inj-KMFynVcP",
"defect": [
[
"CSCwc78400",
"CSCwd39132",
"CSCwd40474",
"CSCwd40489",
"CSCwd40494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20079",
"datePublished": "2023-03-03T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:33:33.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20078 (GCVE-0-2023-20078)
Vulnerability from nvd – Published: 2023-03-03 00:00 – Updated: 2024-10-28 16:33
VLAI?
Title
Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities
Summary
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20078",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:27:17.404874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:33:46.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-03T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-cmd-inj-KMFynVcP",
"defect": [
[
"CSCwc78400",
"CSCwd39132",
"CSCwd40474",
"CSCwd40489",
"CSCwd40494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20078",
"datePublished": "2023-03-03T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:33:46.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20018 (GCVE-0-2023-20018)
Vulnerability from nvd – Published: 2023-01-19 01:35 – Updated: 2024-08-02 08:57
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
Severity ?
8.6 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.0(3)SR3 Affected: 11.0(2)SR1 Affected: 11.5(1) Affected: 11.0(5)SR2 Affected: 11.0(2) Affected: 11.7(1) Affected: 11.0(4)SR3 Affected: 11.0(0.7) MPP Affected: 11.0(4)SR2 Affected: 11.0(3)SR5 Affected: 11.0(3)SR6 Affected: 11.0(3) Affected: 11.0(4)SR1 Affected: 11.0(1) MPP Affected: 11.0(4) Affected: 11.0(3)SR4 Affected: 11.0(5) Affected: 11.0(3)SR1 Affected: 11.0(5)SR1 Affected: 11.0(3)SR2 Affected: 11.0(2)SR2 Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 11.0(5)SR3 Affected: 11.0(6) Affected: 11.0(6)SR1 Affected: 11.0(6)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.975Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"defects": [
"CSCwc37223",
"CSCwc37234"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20018",
"datePublished": "2023-01-19T01:35:41.006Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20968 (GCVE-0-2022-20968)
Vulnerability from nvd – Published: 2022-12-08 16:13 – Updated: 2024-08-03 02:31
VLAI?
Summary
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.
This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.
Severity ?
8.1 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.5(1) Affected: 11.7(1) Affected: 11.0(0.7) MPP Affected: 11.0(1) MPP Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory and that this vulnerability has been publicly discussed.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:28.167Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"source": {
"advisory": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"defects": [
"CSCwb28354"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20968",
"datePublished": "2022-12-08T16:13:11.258Z",
"dateReserved": "2021-11-02T13:28:29.197Z",
"dateUpdated": "2024-08-03T02:31:58.569Z",
"requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20774 (GCVE-0-2022-20774)
Vulnerability from nvd – Published: 2022-04-06 18:12 – Updated: 2024-11-06 16:28
VLAI?
Title
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phone 7800 Series with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:59:08.204328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:28:57.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-06T18:12:22",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
],
"source": {
"advisory": "cisco-sa-voip-phone-csrf-K56vXvVx",
"defect": [
[
"CSCvz56447"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-06T23:00:00",
"ID": "CVE-2022-20774",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
]
},
"source": {
"advisory": "cisco-sa-voip-phone-csrf-K56vXvVx",
"defect": [
[
"CSCvz56447"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20774",
"datePublished": "2022-04-06T18:12:26.733091Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:28:57.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26140 (GCVE-0-2020-26140)
Vulnerability from nvd – Published: 2021-05-11 19:34 – Updated: 2024-08-04 15:49
VLAI?
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:11:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26140",
"datePublished": "2021-05-11T19:34:42",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26139 (GCVE-0-2020-26139)
Vulnerability from nvd – Published: 2021-05-11 19:37 – Updated: 2024-08-04 15:49
VLAI?
Summary
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:09:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26139",
"datePublished": "2021-05-11T19:37:55",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24588 (GCVE-0-2020-24588)
Vulnerability from nvd – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI?
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24588",
"datePublished": "2021-05-11T00:00:00",
"dateReserved": "2020-08-21T00:00:00",
"dateUpdated": "2024-08-04T15:19:08.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24587 (GCVE-0-2020-24587)
Vulnerability from nvd – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI?
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24587",
"datePublished": "2021-05-11T00:00:00",
"dateReserved": "2020-08-21T00:00:00",
"dateUpdated": "2024-08-04T15:19:08.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16008 (GCVE-0-2019-16008)
Vulnerability from nvd – Published: 2020-01-26 04:45 – Updated: 2024-11-15 17:44
VLAI?
Title
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phone 7800 Series with Multiplatform Firmware |
Affected:
unspecified , < n/a
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-16008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:41.207109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:44:17.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-26T04:45:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
],
"source": {
"advisory": "cisco-sa-20200108-iphone-xss",
"defect": [
[
"CSCvq85331"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-01-08T16:00:00-0800",
"ID": "CVE-2019-16008",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20200108-iphone-xss",
"defect": [
[
"CSCvq85331"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-16008",
"datePublished": "2020-01-26T04:45:30.615870Z",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-15T17:44:17.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20351 (GCVE-0-2025-20351)
Vulnerability from cvelistv5 – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:43
VLAI?
Title
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.
This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 Affected: 14.3(1)SR2 Affected: 14.3(1)SR3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:41:21.666555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:43:25.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
},
{
"status": "affected",
"version": "14.3(1)SR2"
},
{
"status": "affected",
"version": "14.3(1)SR3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI.\r\n\r\nThis vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:18.666Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51683"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20351",
"datePublished": "2025-10-15T16:15:18.666Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:43:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20350 (GCVE-0-2025-20350)
Vulnerability from cvelistv5 – Published: 2025-10-15 16:15 – Updated: 2025-10-15 17:42
VLAI?
Title
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability
Summary
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Severity ?
7.5 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
12.1(1)SR1
Affected: 11.5(1) Affected: 10.3(2) Affected: 10.2(2) Affected: 10.3(1) Affected: 10.3(1)SR4 Affected: 11.0(1) Affected: 10.4(1)SR2 3rd Party Affected: 11.7(1) Affected: 12.1(1) Affected: 11.0(0.7) MPP Affected: 9.3(4) 3rd Party Affected: 12.5(1)SR2 Affected: 10.2(1)SR1 Affected: 9.3(4)SR3 3rd Party Affected: 10.2(1) Affected: 12.5(1) Affected: 10.3(1)SR2 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 12.5(1)SR1 Affected: 11.5(1)SR1 Affected: 10.1(1)SR2 Affected: 12.0(1)SR2 Affected: 12.6(1) Affected: 10.3(1.11) 3rd Party Affected: 12.0(1) Affected: 12.0(1)SR1 Affected: 9.3(3) Affected: 12.5(1)SR3 Affected: 10.3(1)SR4b Affected: 9.3(4)SR1 3rd Party Affected: 10.3(1)SR5 Affected: 10.1(1.9) Affected: 10.3(1.9) 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 10.3(1)SR1 Affected: 10.3(1)SR3 Affected: 10.1(1)SR1 Affected: 12.0(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 10.3(1)SR6 Affected: 12.8(1) Affected: 12.7(1)SR1 Affected: 11.0(2)SR1 Affected: 11.0(4) Affected: 11.0(2) Affected: 11.0(4)SR3 Affected: 11.0(5) Affected: 11.0(3)SR2 Affected: 11.0(3)SR4 Affected: 11.0(3)SR3 Affected: 11.0(2)SR2 Affected: 11.0(4)SR1 Affected: 11.0(5)SR3 Affected: 11.0(3) Affected: 11.0(5)SR2 Affected: 11.0(3)SR6 Affected: 11.0(5)SR1 Affected: 11.0(4)SR2 Affected: 11.0(3)SR1 Affected: 11.0(3)SR5 Affected: 11.0(6) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 14.0(1) Affected: 14.0(1)SR1 Affected: 11.0(6)SR1 Affected: 10.3(1)SR7 Affected: 14.0(1)SR2 Affected: 14.1(1) Affected: 14.0(1)SR3 Affected: 11.0(6)SR2 Affected: 14.1(1)SR1 Affected: 14.1(1)SR2 Affected: 11.0(6)SR4 Affected: 14.2(1) Affected: 14.2(1)SR1 Affected: 11.0(6)SR5 Affected: 14.1(1)SR3 Affected: 14.2(1)SR2 Affected: 3.1(1) Affected: 3.0(1) Affected: 2.3(1) Affected: 2.3(1)SR1 Affected: 2.2(1) Affected: 2.1(1) Affected: 2.0(1) Affected: 14.2(1)SR3 Affected: 3.1(1)SR1 Affected: 14.3(1) Affected: 3.2(1) Affected: 14.3(1)SR1 Affected: 14.2(1)SR4 Affected: 11.0(6)SR6 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T17:42:26.123690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T17:42:59.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "14.1(1)SR1"
},
{
"status": "affected",
"version": "14.1(1)SR2"
},
{
"status": "affected",
"version": "11.0(6)SR4"
},
{
"status": "affected",
"version": "14.2(1)"
},
{
"status": "affected",
"version": "14.2(1)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR5"
},
{
"status": "affected",
"version": "14.1(1)SR3"
},
{
"status": "affected",
"version": "14.2(1)SR2"
},
{
"status": "affected",
"version": "3.1(1)"
},
{
"status": "affected",
"version": "3.0(1)"
},
{
"status": "affected",
"version": "2.3(1)"
},
{
"status": "affected",
"version": "2.3(1)SR1"
},
{
"status": "affected",
"version": "2.2(1)"
},
{
"status": "affected",
"version": "2.1(1)"
},
{
"status": "affected",
"version": "2.0(1)"
},
{
"status": "affected",
"version": "14.2(1)SR3"
},
{
"status": "affected",
"version": "3.1(1)SR1"
},
{
"status": "affected",
"version": "14.3(1)"
},
{
"status": "affected",
"version": "3.2(1)"
},
{
"status": "affected",
"version": "14.3(1)SR1"
},
{
"status": "affected",
"version": "14.2(1)SR4"
},
{
"status": "affected",
"version": "11.0(6)SR6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\nNote: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T16:15:10.244Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-phone-dos-FPyjLV7A",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A"
}
],
"source": {
"advisory": "cisco-sa-phone-dos-FPyjLV7A",
"defects": [
"CSCwn51601"
],
"discovery": "INTERNAL"
},
"title": "Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20350",
"datePublished": "2025-10-15T16:15:10.244Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-10-15T17:42:59.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20078 (GCVE-0-2023-20078)
Vulnerability from cvelistv5 – Published: 2023-03-03 00:00 – Updated: 2024-10-28 16:33
VLAI?
Title
Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities
Summary
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20078",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:27:17.404874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:33:46.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-03T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-cmd-inj-KMFynVcP",
"defect": [
[
"CSCwc78400",
"CSCwd39132",
"CSCwd40474",
"CSCwd40489",
"CSCwd40494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20078",
"datePublished": "2023-03-03T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:33:46.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20079 (GCVE-0-2023-20079)
Vulnerability from cvelistv5 – Published: 2023-03-03 00:00 – Updated: 2024-10-28 16:33
VLAI?
Title
Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities
Summary
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phones with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:27:14.331307Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:33:33.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phones with Multiplatform Firmware ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-03T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230302 Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-cmd-inj-KMFynVcP",
"defect": [
[
"CSCwc78400",
"CSCwd39132",
"CSCwd40474",
"CSCwd40489",
"CSCwd40494"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, 7900, and 8800 Series Web UI Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20079",
"datePublished": "2023-03-03T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:33:33.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20018 (GCVE-0-2023-20018)
Vulnerability from cvelistv5 – Published: 2023-01-19 01:35 – Updated: 2024-08-02 08:57
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication.
Severity ?
8.6 (High)
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.0(3)SR3 Affected: 11.0(2)SR1 Affected: 11.5(1) Affected: 11.0(5)SR2 Affected: 11.0(2) Affected: 11.7(1) Affected: 11.0(4)SR3 Affected: 11.0(0.7) MPP Affected: 11.0(4)SR2 Affected: 11.0(3)SR5 Affected: 11.0(3)SR6 Affected: 11.0(3) Affected: 11.0(4)SR1 Affected: 11.0(1) MPP Affected: 11.0(4) Affected: 11.0(3)SR4 Affected: 11.0(5) Affected: 11.0(3)SR1 Affected: 11.0(5)SR1 Affected: 11.0(3)SR2 Affected: 11.0(2)SR2 Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 11.0(5)SR3 Affected: 11.0(6) Affected: 11.0(6)SR1 Affected: 11.0(6)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.0(3)SR3"
},
{
"status": "affected",
"version": "11.0(2)SR1"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.0(5)SR2"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(4)SR3"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(4)SR2"
},
{
"status": "affected",
"version": "11.0(3)SR5"
},
{
"status": "affected",
"version": "11.0(3)SR6"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "11.0(4)SR1"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(4)"
},
{
"status": "affected",
"version": "11.0(3)SR4"
},
{
"status": "affected",
"version": "11.0(5)"
},
{
"status": "affected",
"version": "11.0(3)SR1"
},
{
"status": "affected",
"version": "11.0(5)SR1"
},
{
"status": "affected",
"version": "11.0(3)SR2"
},
{
"status": "affected",
"version": "11.0(2)SR2"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "11.0(5)SR3"
},
{
"status": "affected",
"version": "11.0(6)"
},
{
"status": "affected",
"version": "11.0(6)SR1"
},
{
"status": "affected",
"version": "11.0(6)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to access certain parts of the web interface that would normally require authentication."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.975Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-auth-bypass-pSqxZRPR"
}
],
"source": {
"advisory": "cisco-sa-ip-phone-auth-bypass-pSqxZRPR",
"defects": [
"CSCwc37223",
"CSCwc37234"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20018",
"datePublished": "2023-01-19T01:35:41.006Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20968 (GCVE-0-2022-20968)
Vulnerability from cvelistv5 – Published: 2022-12-08 16:13 – Updated: 2024-08-03 02:31
VLAI?
Summary
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.
This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.
Severity ?
8.1 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Session Initiation Protocol (SIP) Software |
Affected:
9.3(4) 3rd Party
Affected: 9.3(4)SR3 3rd Party Affected: 9.3(4)SR1 3rd Party Affected: 9.3(4)SR2 3rd Party Affected: 11.5(1) Affected: 11.7(1) Affected: 11.0(0.7) MPP Affected: 11.0(1) MPP Affected: 11.0(1) Affected: 11.5(1)SR1 Affected: 11-0-1MSR1-1 Affected: 10.4(1) 3rd Party Affected: 10.3(1.11) 3rd Party Affected: 10.2(2) Affected: 10.2(1)SR1 Affected: 10.1(1.9) Affected: 10.1(1)SR2 Affected: 10.2(1) Affected: 10.1(1)SR1 Affected: 10.4(1)SR2 3rd Party Affected: 10.3(1) Affected: 10.3(1)SR4b Affected: 10.3(1)SR5 Affected: 10.3(1.9) 3rd Party Affected: 10.3(2) Affected: 10.3(1)SR4 Affected: 10.3(1)SR2 Affected: 10.3(1)SR3 Affected: 10.3(1)SR1 Affected: 12.6(1) Affected: 12.1(1) Affected: 12.5(1)SR1 Affected: 12.5(1)SR2 Affected: 12.5(1) Affected: 12.5(1)SR3 Affected: 12.6(1)SR1 Affected: 12.7(1) Affected: 12.1(1)SR1 Affected: 12.0(1) Affected: 12.0(1)SR2 Affected: 12.0(1)SR1 Affected: 12.0(1)SR3 Affected: 12.8(1) Affected: 12.8(1)SR1 Affected: 12.8(1)SR2 Affected: 10.3(1)SR6 Affected: 10.3(1)SR7 Affected: 12.7(1)SR1 Affected: 14.0(1)SR1 Affected: 14.0(1) Affected: 14.0(1)SR2 Affected: 14.0(1)SR3 Affected: 14.1(1) Affected: 14.1(1)SR1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:58.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Session Initiation Protocol (SIP) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "9.3(4) 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR3 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR1 3rd Party"
},
{
"status": "affected",
"version": "9.3(4)SR2 3rd Party"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.7(1)"
},
{
"status": "affected",
"version": "11.0(0.7) MPP"
},
{
"status": "affected",
"version": "11.0(1) MPP"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)SR1"
},
{
"status": "affected",
"version": "11-0-1MSR1-1"
},
{
"status": "affected",
"version": "10.4(1) 3rd Party"
},
{
"status": "affected",
"version": "10.3(1.11) 3rd Party"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "10.2(1)SR1"
},
{
"status": "affected",
"version": "10.1(1.9)"
},
{
"status": "affected",
"version": "10.1(1)SR2"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "10.1(1)SR1"
},
{
"status": "affected",
"version": "10.4(1)SR2 3rd Party"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)SR4b"
},
{
"status": "affected",
"version": "10.3(1)SR5"
},
{
"status": "affected",
"version": "10.3(1.9) 3rd Party"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "10.3(1)SR4"
},
{
"status": "affected",
"version": "10.3(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR3"
},
{
"status": "affected",
"version": "10.3(1)SR1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "12.5(1)SR1"
},
{
"status": "affected",
"version": "12.5(1)SR2"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SR3"
},
{
"status": "affected",
"version": "12.6(1)SR1"
},
{
"status": "affected",
"version": "12.7(1)"
},
{
"status": "affected",
"version": "12.1(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)SR2"
},
{
"status": "affected",
"version": "12.0(1)SR1"
},
{
"status": "affected",
"version": "12.0(1)SR3"
},
{
"status": "affected",
"version": "12.8(1)"
},
{
"status": "affected",
"version": "12.8(1)SR1"
},
{
"status": "affected",
"version": "12.8(1)SR2"
},
{
"status": "affected",
"version": "10.3(1)SR6"
},
{
"status": "affected",
"version": "10.3(1)SR7"
},
{
"status": "affected",
"version": "12.7(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)SR1"
},
{
"status": "affected",
"version": "14.0(1)"
},
{
"status": "affected",
"version": "14.0(1)SR2"
},
{
"status": "affected",
"version": "14.0(1)SR3"
},
{
"status": "affected",
"version": "14.1(1)"
},
{
"status": "affected",
"version": "14.1(1)SR1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory and that this vulnerability has been publicly discussed.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out-of-bounds Write",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:28.167Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipp-oobwrite-8cMF5r7U"
}
],
"source": {
"advisory": "cisco-sa-ipp-oobwrite-8cMF5r7U",
"defects": [
"CSCwb28354"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20968",
"datePublished": "2022-12-08T16:13:11.258Z",
"dateReserved": "2021-11-02T13:28:29.197Z",
"dateUpdated": "2024-08-03T02:31:58.569Z",
"requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20774 (GCVE-0-2022-20774)
Vulnerability from cvelistv5 – Published: 2022-04-06 18:12 – Updated: 2024-11-06 16:28
VLAI?
Title
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition.
Severity ?
6.8 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phone 7800 Series with Multiplatform Firmware |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:59:08.204328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:28:57.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-06T18:12:22",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
],
"source": {
"advisory": "cisco-sa-voip-phone-csrf-K56vXvVx",
"defect": [
[
"CSCvz56447"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-06T23:00:00",
"ID": "CVE-2022-20774",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform configuration changes on the affected device, resulting in a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220406 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-csrf-K56vXvVx"
}
]
},
"source": {
"advisory": "cisco-sa-voip-phone-csrf-K56vXvVx",
"defect": [
[
"CSCvz56447"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20774",
"datePublished": "2022-04-06T18:12:26.733091Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:28:57.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26139 (GCVE-0-2020-26139)
Vulnerability from cvelistv5 – Published: 2021-05-11 19:37 – Updated: 2024-08-04 15:49
VLAI?
Summary
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:09:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26139",
"datePublished": "2021-05-11T19:37:55",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26140 (GCVE-0-2020-26140)
Vulnerability from cvelistv5 – Published: 2021-05-11 19:34 – Updated: 2024-08-04 15:49
VLAI?
Summary
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:11:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26140",
"datePublished": "2021-05-11T19:34:42",
"dateReserved": "2020-09-29T00:00:00",
"dateUpdated": "2024-08-04T15:49:07.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24587 (GCVE-0-2020-24587)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI?
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24587",
"datePublished": "2021-05-11T00:00:00",
"dateReserved": "2020-08-21T00:00:00",
"dateUpdated": "2024-08-04T15:19:08.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24588 (GCVE-0-2020-24588)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI?
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24588",
"datePublished": "2021-05-11T00:00:00",
"dateReserved": "2020-08-21T00:00:00",
"dateUpdated": "2024-08-04T15:19:08.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16008 (GCVE-0-2019-16008)
Vulnerability from cvelistv5 – Published: 2020-01-26 04:45 – Updated: 2024-11-15 17:44
VLAI?
Title
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IP Phone 7800 Series with Multiplatform Firmware |
Affected:
unspecified , < n/a
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-16008",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:29:41.207109Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:44:17.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-26T04:45:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
],
"source": {
"advisory": "cisco-sa-20200108-iphone-xss",
"defect": [
[
"CSCvq85331"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-01-08T16:00:00-0800",
"ID": "CVE-2019-16008",
"STATE": "PUBLIC",
"TITLE": "Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IP Phone 7800 Series with Multiplatform Firmware",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200108 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-iphone-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20200108-iphone-xss",
"defect": [
[
"CSCvq85331"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-16008",
"datePublished": "2020-01-26T04:45:30.615870Z",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-15T17:44:17.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}