Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for unified_ip_conference_phone_8831_firmware by cisco

    CVE-2021-1379 (GCVE-0-2021-1379)

    Vulnerability from nvd – Published: 2024-11-18 15:42 – Updated: 2024-11-18 16:23
    VLAI
    Title
    Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities
    Summary
    Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IP Phones with Multiplatform Firmware Affected: 11.1.2
    Affected: 11.2.1
    Affected: 11.2.3
    Affected: 11.2.2
    Affected: 11.2.3 MSR1-1
    Affected: 11.1.2 MSR1-1
    Affected: 11.1.1
    Affected: 11.1.2 MSR3-1
    Affected: 11.0.0
    Affected: 11.1.1 MSR1-1
    Affected: 11.0.1
    Affected: 11.1.1 MSR2-1
    Affected: 11.2.4
    Affected: 11.0.1 MSR1-1
    Affected: 11.0.2
    Affected: 11.3.1
    Affected: 11.3.1 MSR1-3
    Affected: 11.3.2
    Affected: 11.3.1 MSR2-6
    Affected: 11.3.1 MSR3-3
    Create a notification for this product.
    Cisco Cisco Session Initiation Protocol (SIP) Software Affected: 9.0(3)
    Affected: 9.0(2)SR2
    Affected: 9.0(2)SR1
    Affected: 9.2(1)
    Affected: 9.4(2)SR1
    Affected: 9.4(2)
    Affected: 9.4(2)SR2
    Affected: 9.4(2)SR3
    Affected: 9.3(1)SR2
    Affected: 9.3(1)SR3
    Affected: 9.3(1)SR1
    Affected: 9.1(1)SR1
    Affected: 9.3(1)SR4
    Affected: 9.2(3)
    Affected: 9.2(1)SR2
    Affected: 9.3(1)
    Affected: 9.4(2)SR4
    Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2 3rd Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7) MPP
    Affected: 9.3(4) 3rd Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3 3rd Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1) 3rd Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11) 3rd Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1 3rd Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9) 3rd Party
    Affected: 9.3(4)SR2 3rd Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 11.0(2)SR1
    Affected: 11.0(4)
    Affected: 11.0(2)
    Affected: 11.0(4)SR3
    Affected: 11.0(5)
    Affected: 11.0(3)SR2
    Affected: 11.0(3)SR4
    Affected: 11.0(3)SR3
    Affected: 11.0(2)SR2
    Affected: 11.0(4)SR1
    Affected: 11.0(5)SR3
    Affected: 11.0(3)
    Affected: 11.0(5)SR2
    Affected: 11.0(3)SR6
    Affected: 11.0(5)SR1
    Affected: 11.0(4)SR2
    Affected: 11.0(3)SR1
    Affected: 11.0(3)SR5
    Create a notification for this product.
    Cisco Cisco Small Business IP Phones Affected: 7.4.8
    Affected: 7.4.3
    Affected: 7.5.5a
    Affected: 7.3.7
    Affected: 7.5.2
    Affected: 7.5.1
    Affected: 7.4.6
    Affected: 7.5.7
    Affected: 7.4.4
    Affected: 7.6.2SR3
    Affected: 7.6.2
    Affected: 7.5.6
    Affected: 7.5.6c
    Affected: 7.6.0
    Affected: 7.4.7
    Affected: 7.6.2SR6
    Affected: 7.5.2b
    Affected: 7.5.5
    Affected: 7.5.6a
    Affected: 7.6.2SR2
    Affected: 7.5.3
    Affected: 7.5.2a
    Affected: 7.5.6(XU)
    Affected: 7.5.7s
    Affected: 7.6.2SR4
    Affected: 7.6.2SR1
    Affected: 7.4.9
    Affected: 7.5.5b
    Affected: 7.6.2SR5
    Affected: 7.5.4
    Affected: 7.6.1
    Affected: 7.6.2SR7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1379",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T16:22:56.651830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:23:13.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IP Phones with Multiplatform Firmware",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.2"
                },
                {
                  "status": "affected",
                  "version": "11.2.1"
                },
                {
                  "status": "affected",
                  "version": "11.2.3"
                },
                {
                  "status": "affected",
                  "version": "11.2.2"
                },
                {
                  "status": "affected",
                  "version": "11.2.3 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.1.2 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.1.1"
                },
                {
                  "status": "affected",
                  "version": "11.1.2 MSR3-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.0"
                },
                {
                  "status": "affected",
                  "version": "11.1.1 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.1"
                },
                {
                  "status": "affected",
                  "version": "11.1.1 MSR2-1"
                },
                {
                  "status": "affected",
                  "version": "11.2.4"
                },
                {
                  "status": "affected",
                  "version": "11.0.1 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.2"
                },
                {
                  "status": "affected",
                  "version": "11.3.1"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR1-3"
                },
                {
                  "status": "affected",
                  "version": "11.3.2"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR2-6"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR3-3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0(3)"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.2(1)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR3"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "9.2(3)"
                },
                {
                  "status": "affected",
                  "version": "9.2(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR4"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(2)"
                },
                {
                  "status": "affected",
                  "version": "10.2(2)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.4(1)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "11.7(1)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(0.7) MPP"
                },
                {
                  "status": "affected",
                  "version": "9.3(4) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR3 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "11-0-1MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "10.4(1) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.11) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(3)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4b"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR1 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR5"
                },
                {
                  "status": "affected",
                  "version": "10.1(1.9)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.9) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR6"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR6"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Small Business IP Phones",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.4.8"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5a"
                },
                {
                  "status": "affected",
                  "version": "7.3.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.2"
                },
                {
                  "status": "affected",
                  "version": "7.5.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.6"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.4.4"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR3"
                },
                {
                  "status": "affected",
                  "version": "7.6.2"
                },
                {
                  "status": "affected",
                  "version": "7.5.6"
                },
                {
                  "status": "affected",
                  "version": "7.5.6c"
                },
                {
                  "status": "affected",
                  "version": "7.6.0"
                },
                {
                  "status": "affected",
                  "version": "7.4.7"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR6"
                },
                {
                  "status": "affected",
                  "version": "7.5.2b"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.6a"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR2"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.2a"
                },
                {
                  "status": "affected",
                  "version": "7.5.6(XU)"
                },
                {
                  "status": "affected",
                  "version": "7.5.7s"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR4"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR1"
                },
                {
                  "status": "affected",
                  "version": "7.4.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.5b"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR5"
                },
                {
                  "status": "affected",
                  "version": "7.5.4"
                },
                {
                  "status": "affected",
                  "version": "7.6.1"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the Cisco\u0026nbsp;Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco\u0026nbsp;IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco\u0026nbsp;Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco\u0026nbsp;Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco\u0026nbsp;Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:42:00.388Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
            "defects": [
              "CSCvu59351"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1379",
        "datePublished": "2024-11-18T15:42:00.388Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:23:13.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20660 (GCVE-0-2022-20660)

    Vulnerability from nvd – Published: 2022-01-14 05:01 – Updated: 2024-11-06 16:33
    VLAI
    Title
    Cisco IP Phones Information Disclosure Vulnerability
    Summary
    A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2022-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:17:53.070Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
              },
              {
                "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T15:59:21.438909Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T16:33:25.971Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-17T19:06:13.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
            },
            {
              "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
            "defect": [
              [
                "CSCvy39035",
                "CSCvy39054",
                "CSCvy39055",
                "CSCvy39057",
                "CSCvy39058",
                "CSCvy39059"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phones Information Disclosure Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-01-13T00:00:00",
              "ID": "CVE-2022-20660",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phones Information Disclosure Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Session Initiation Protocol (SIP) Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "4.6",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-312"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
                },
                {
                  "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
              "defect": [
                [
                  "CSCvy39035",
                  "CSCvy39054",
                  "CSCvy39055",
                  "CSCvy39057",
                  "CSCvy39058",
                  "CSCvy39059"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20660",
        "datePublished": "2022-01-14T05:01:29.253Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-06T16:33:25.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3574 (GCVE-0-2020-3574)

    Vulnerability from nvd – Published: 2020-11-06 18:16 – Updated: 2024-11-13 17:43
    VLAI
    Title
    Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability
    Summary
    A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-11-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.701Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3574",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:12:06.604039Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:43:05.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IP Phones with Multiplatform Firmware",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-11-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-371",
                  "description": "CWE-371",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-06T18:16:31.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-voip-phone-flood-dos-YnU9EXOv",
            "defect": [
              [
                "CSCvs66815",
                "CSCvt83239",
                "CSCvu36012",
                "CSCvu36026"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-11-04T16:00:00",
              "ID": "CVE-2020-3574",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IP Phones with Multiplatform Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "7.5",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-371"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-voip-phone-flood-dos-YnU9EXOv",
              "defect": [
                [
                  "CSCvs66815",
                  "CSCvt83239",
                  "CSCvu36012",
                  "CSCvu36026"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3574",
        "datePublished": "2020-11-06T18:16:31.678Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:43:05.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3111 (GCVE-0-2020-3111)

    Vulnerability from nvd – Published: 2020-02-05 17:40 – Updated: 2024-11-15 17:42
    VLAI
    Title
    Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability
    Summary
    A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cisco Cisco IP phone Affected: unspecified , < 12.7(1) (custom)
    Create a notification for this product.
    Date Public
    2020-02-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.455Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3111",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:25:09.510937Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:42:42.854Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IP phone",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "12.7(1)",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-02-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-05T18:06:07.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200205-voip-phones-rce-dos",
            "defect": [
              [
                "CSCvr96057",
                "CSCvr96058",
                "CSCvr96059",
                "CSCvr96060",
                "CSCvr96063",
                "CSCvr96064",
                "CSCvr96065",
                "CSCvr96066",
                "CSCvr96067",
                "CSCvr96069",
                "CSCvr96070",
                "CSCvr96071",
                "CSCvr96738",
                "CSCvr96739"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-02-05T16:00:00-0800",
              "ID": "CVE-2020-3111",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IP phone",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "12.7(1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.8",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200205-voip-phones-rce-dos",
              "defect": [
                [
                  "CSCvr96057",
                  "CSCvr96058",
                  "CSCvr96059",
                  "CSCvr96060",
                  "CSCvr96063",
                  "CSCvr96064",
                  "CSCvr96065",
                  "CSCvr96066",
                  "CSCvr96067",
                  "CSCvr96069",
                  "CSCvr96070",
                  "CSCvr96071",
                  "CSCvr96738",
                  "CSCvr96739"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3111",
        "datePublished": "2020-02-05T17:40:15.678Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:42:42.854Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1379 (GCVE-0-2021-1379)

    Vulnerability from cvelistv5 – Published: 2024-11-18 15:42 – Updated: 2024-11-18 16:23
    VLAI
    Title
    Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities
    Summary
    Multiple vulnerabilities in the Cisco&nbsp;Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco&nbsp;IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These vulnerabilities are due to missing checks when the IP phone processes a Cisco&nbsp;Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco&nbsp;Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco&nbsp;Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco&nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco IP Phones with Multiplatform Firmware Affected: 11.1.2
    Affected: 11.2.1
    Affected: 11.2.3
    Affected: 11.2.2
    Affected: 11.2.3 MSR1-1
    Affected: 11.1.2 MSR1-1
    Affected: 11.1.1
    Affected: 11.1.2 MSR3-1
    Affected: 11.0.0
    Affected: 11.1.1 MSR1-1
    Affected: 11.0.1
    Affected: 11.1.1 MSR2-1
    Affected: 11.2.4
    Affected: 11.0.1 MSR1-1
    Affected: 11.0.2
    Affected: 11.3.1
    Affected: 11.3.1 MSR1-3
    Affected: 11.3.2
    Affected: 11.3.1 MSR2-6
    Affected: 11.3.1 MSR3-3
    Create a notification for this product.
    Cisco Cisco Session Initiation Protocol (SIP) Software Affected: 9.0(3)
    Affected: 9.0(2)SR2
    Affected: 9.0(2)SR1
    Affected: 9.2(1)
    Affected: 9.4(2)SR1
    Affected: 9.4(2)
    Affected: 9.4(2)SR2
    Affected: 9.4(2)SR3
    Affected: 9.3(1)SR2
    Affected: 9.3(1)SR3
    Affected: 9.3(1)SR1
    Affected: 9.1(1)SR1
    Affected: 9.3(1)SR4
    Affected: 9.2(3)
    Affected: 9.2(1)SR2
    Affected: 9.3(1)
    Affected: 9.4(2)SR4
    Affected: 12.1(1)SR1
    Affected: 11.5(1)
    Affected: 10.3(2)
    Affected: 10.2(2)
    Affected: 10.3(1)
    Affected: 10.3(1)SR4
    Affected: 11.0(1)
    Affected: 10.4(1)SR2 3rd Party
    Affected: 11.7(1)
    Affected: 12.1(1)
    Affected: 11.0(0.7) MPP
    Affected: 9.3(4) 3rd Party
    Affected: 12.5(1)SR2
    Affected: 10.2(1)SR1
    Affected: 9.3(4)SR3 3rd Party
    Affected: 10.2(1)
    Affected: 12.5(1)
    Affected: 10.3(1)SR2
    Affected: 11-0-1MSR1-1
    Affected: 10.4(1) 3rd Party
    Affected: 12.5(1)SR1
    Affected: 11.5(1)SR1
    Affected: 10.1(1)SR2
    Affected: 12.0(1)SR2
    Affected: 12.6(1)
    Affected: 10.3(1.11) 3rd Party
    Affected: 12.0(1)
    Affected: 12.0(1)SR1
    Affected: 9.3(3)
    Affected: 12.5(1)SR3
    Affected: 10.3(1)SR4b
    Affected: 9.3(4)SR1 3rd Party
    Affected: 10.3(1)SR5
    Affected: 10.1(1.9)
    Affected: 10.3(1.9) 3rd Party
    Affected: 9.3(4)SR2 3rd Party
    Affected: 10.3(1)SR1
    Affected: 10.3(1)SR3
    Affected: 10.1(1)SR1
    Affected: 12.0(1)SR3
    Affected: 12.6(1)SR1
    Affected: 12.7(1)
    Affected: 10.3(1)SR6
    Affected: 12.8(1)
    Affected: 12.7(1)SR1
    Affected: 11.0(2)SR1
    Affected: 11.0(4)
    Affected: 11.0(2)
    Affected: 11.0(4)SR3
    Affected: 11.0(5)
    Affected: 11.0(3)SR2
    Affected: 11.0(3)SR4
    Affected: 11.0(3)SR3
    Affected: 11.0(2)SR2
    Affected: 11.0(4)SR1
    Affected: 11.0(5)SR3
    Affected: 11.0(3)
    Affected: 11.0(5)SR2
    Affected: 11.0(3)SR6
    Affected: 11.0(5)SR1
    Affected: 11.0(4)SR2
    Affected: 11.0(3)SR1
    Affected: 11.0(3)SR5
    Create a notification for this product.
    Cisco Cisco Small Business IP Phones Affected: 7.4.8
    Affected: 7.4.3
    Affected: 7.5.5a
    Affected: 7.3.7
    Affected: 7.5.2
    Affected: 7.5.1
    Affected: 7.4.6
    Affected: 7.5.7
    Affected: 7.4.4
    Affected: 7.6.2SR3
    Affected: 7.6.2
    Affected: 7.5.6
    Affected: 7.5.6c
    Affected: 7.6.0
    Affected: 7.4.7
    Affected: 7.6.2SR6
    Affected: 7.5.2b
    Affected: 7.5.5
    Affected: 7.5.6a
    Affected: 7.6.2SR2
    Affected: 7.5.3
    Affected: 7.5.2a
    Affected: 7.5.6(XU)
    Affected: 7.5.7s
    Affected: 7.6.2SR4
    Affected: 7.6.2SR1
    Affected: 7.4.9
    Affected: 7.5.5b
    Affected: 7.6.2SR5
    Affected: 7.5.4
    Affected: 7.6.1
    Affected: 7.6.2SR7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1379",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T16:22:56.651830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:23:13.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco IP Phones with Multiplatform Firmware",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.1.2"
                },
                {
                  "status": "affected",
                  "version": "11.2.1"
                },
                {
                  "status": "affected",
                  "version": "11.2.3"
                },
                {
                  "status": "affected",
                  "version": "11.2.2"
                },
                {
                  "status": "affected",
                  "version": "11.2.3 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.1.2 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.1.1"
                },
                {
                  "status": "affected",
                  "version": "11.1.2 MSR3-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.0"
                },
                {
                  "status": "affected",
                  "version": "11.1.1 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.1"
                },
                {
                  "status": "affected",
                  "version": "11.1.1 MSR2-1"
                },
                {
                  "status": "affected",
                  "version": "11.2.4"
                },
                {
                  "status": "affected",
                  "version": "11.0.1 MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "11.0.2"
                },
                {
                  "status": "affected",
                  "version": "11.3.1"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR1-3"
                },
                {
                  "status": "affected",
                  "version": "11.3.2"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR2-6"
                },
                {
                  "status": "affected",
                  "version": "11.3.1 MSR3-3"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0(3)"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.2(1)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR3"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "9.2(3)"
                },
                {
                  "status": "affected",
                  "version": "9.2(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "9.3(1)"
                },
                {
                  "status": "affected",
                  "version": "9.4(2)SR4"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(2)"
                },
                {
                  "status": "affected",
                  "version": "10.2(2)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.4(1)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "11.7(1)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(0.7) MPP"
                },
                {
                  "status": "affected",
                  "version": "9.3(4) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR3 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.2(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "11-0-1MSR1-1"
                },
                {
                  "status": "affected",
                  "version": "10.4(1) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.11) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "9.3(3)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR4b"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR1 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR5"
                },
                {
                  "status": "affected",
                  "version": "10.1(1.9)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1.9) 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "9.3(4)SR2 3rd Party"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "10.1(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)SR3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)"
                },
                {
                  "status": "affected",
                  "version": "10.3(1)SR6"
                },
                {
                  "status": "affected",
                  "version": "12.8(1)"
                },
                {
                  "status": "affected",
                  "version": "12.7(1)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR4"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR3"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR6"
                },
                {
                  "status": "affected",
                  "version": "11.0(5)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(4)SR2"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR1"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)SR5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Small Business IP Phones",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.4.8"
                },
                {
                  "status": "affected",
                  "version": "7.4.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.5a"
                },
                {
                  "status": "affected",
                  "version": "7.3.7"
                },
                {
                  "status": "affected",
                  "version": "7.5.2"
                },
                {
                  "status": "affected",
                  "version": "7.5.1"
                },
                {
                  "status": "affected",
                  "version": "7.4.6"
                },
                {
                  "status": "affected",
                  "version": "7.5.7"
                },
                {
                  "status": "affected",
                  "version": "7.4.4"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR3"
                },
                {
                  "status": "affected",
                  "version": "7.6.2"
                },
                {
                  "status": "affected",
                  "version": "7.5.6"
                },
                {
                  "status": "affected",
                  "version": "7.5.6c"
                },
                {
                  "status": "affected",
                  "version": "7.6.0"
                },
                {
                  "status": "affected",
                  "version": "7.4.7"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR6"
                },
                {
                  "status": "affected",
                  "version": "7.5.2b"
                },
                {
                  "status": "affected",
                  "version": "7.5.5"
                },
                {
                  "status": "affected",
                  "version": "7.5.6a"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR2"
                },
                {
                  "status": "affected",
                  "version": "7.5.3"
                },
                {
                  "status": "affected",
                  "version": "7.5.2a"
                },
                {
                  "status": "affected",
                  "version": "7.5.6(XU)"
                },
                {
                  "status": "affected",
                  "version": "7.5.7s"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR4"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR1"
                },
                {
                  "status": "affected",
                  "version": "7.4.9"
                },
                {
                  "status": "affected",
                  "version": "7.5.5b"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR5"
                },
                {
                  "status": "affected",
                  "version": "7.5.4"
                },
                {
                  "status": "affected",
                  "version": "7.6.1"
                },
                {
                  "status": "affected",
                  "version": "7.6.2SR7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the Cisco\u0026nbsp;Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco\u0026nbsp;IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone.\r\nThese vulnerabilities are due to missing checks when the IP phone processes a Cisco\u0026nbsp;Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco\u0026nbsp;Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco\u0026nbsp;Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:42:00.388Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipphone-rce-dos-U2PsSkz3"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-distupd-N87eB6Z3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ipphone-rce-dos-U2PsSkz3",
            "defects": [
              "CSCvu59351"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1379",
        "datePublished": "2024-11-18T15:42:00.388Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:23:13.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20660 (GCVE-0-2022-20660)

    Vulnerability from cvelistv5 – Published: 2022-01-14 05:01 – Updated: 2024-11-06 16:33
    VLAI
    Title
    Cisco IP Phones Information Disclosure Vulnerability
    Summary
    A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2022-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:17:53.070Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
              },
              {
                "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20660",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T15:59:21.438909Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T16:33:25.971Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Session Initiation Protocol (SIP) Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-17T19:06:13.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
            },
            {
              "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
            "defect": [
              [
                "CSCvy39035",
                "CSCvy39054",
                "CSCvy39055",
                "CSCvy39057",
                "CSCvy39058",
                "CSCvy39059"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phones Information Disclosure Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-01-13T00:00:00",
              "ID": "CVE-2022-20660",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phones Information Disclosure Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Session Initiation Protocol (SIP) Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "4.6",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-312"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220113 Cisco IP Phones Information Disclosure Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
                },
                {
                  "name": "20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2022/Jan/34"
                },
                {
                  "name": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-ip-phone-info-disc-fRdJfOxA",
              "defect": [
                [
                  "CSCvy39035",
                  "CSCvy39054",
                  "CSCvy39055",
                  "CSCvy39057",
                  "CSCvy39058",
                  "CSCvy39059"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20660",
        "datePublished": "2022-01-14T05:01:29.253Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-06T16:33:25.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3574 (GCVE-0-2020-3574)

    Vulnerability from cvelistv5 – Published: 2020-11-06 18:16 – Updated: 2024-11-13 17:43
    VLAI
    Title
    Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability
    Summary
    A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-11-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.701Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3574",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:12:06.604039Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:43:05.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IP Phones with Multiplatform Firmware",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-11-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-371",
                  "description": "CWE-371",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-11-06T18:16:31.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-voip-phone-flood-dos-YnU9EXOv",
            "defect": [
              [
                "CSCvs66815",
                "CSCvt83239",
                "CSCvu36012",
                "CSCvu36026"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-11-04T16:00:00",
              "ID": "CVE-2020-3574",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IP Phones with Multiplatform Firmware",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "7.5",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-371"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-voip-phone-flood-dos-YnU9EXOv",
              "defect": [
                [
                  "CSCvs66815",
                  "CSCvt83239",
                  "CSCvu36012",
                  "CSCvu36026"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3574",
        "datePublished": "2020-11-06T18:16:31.678Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:43:05.265Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3111 (GCVE-0-2020-3111)

    Vulnerability from cvelistv5 – Published: 2020-02-05 17:40 – Updated: 2024-11-15 17:42
    VLAI
    Title
    Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability
    Summary
    A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Cisco Cisco IP phone Affected: unspecified , < 12.7(1) (custom)
    Create a notification for this product.
    Date Public
    2020-02-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.455Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3111",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:25:09.510937Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:42:42.854Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IP phone",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "12.7(1)",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-02-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-05T18:06:07.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200205-voip-phones-rce-dos",
            "defect": [
              [
                "CSCvr96057",
                "CSCvr96058",
                "CSCvr96059",
                "CSCvr96060",
                "CSCvr96063",
                "CSCvr96064",
                "CSCvr96065",
                "CSCvr96066",
                "CSCvr96067",
                "CSCvr96069",
                "CSCvr96070",
                "CSCvr96071",
                "CSCvr96738",
                "CSCvr96739"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-02-05T16:00:00-0800",
              "ID": "CVE-2020-3111",
              "STATE": "PUBLIC",
              "TITLE": "Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco IP phone",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "12.7(1)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.8",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200205 Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200205-voip-phones-rce-dos",
              "defect": [
                [
                  "CSCvr96057",
                  "CSCvr96058",
                  "CSCvr96059",
                  "CSCvr96060",
                  "CSCvr96063",
                  "CSCvr96064",
                  "CSCvr96065",
                  "CSCvr96066",
                  "CSCvr96067",
                  "CSCvr96069",
                  "CSCvr96070",
                  "CSCvr96071",
                  "CSCvr96738",
                  "CSCvr96739"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3111",
        "datePublished": "2020-02-05T17:40:15.678Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:42:42.854Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }