Lucene search
CiscoCISCO-SA-SPA-WEB-MULTI-7KVPMU2FHistoryJul 19, 2023 - 4:00 p.m.
Cisco Small Business SPA500 Series IP Phones Web UI Vulnerabilities
2023-07-1916:00:00
tools.cisco.com
18
cisco
spa500 series
ip phones
web ui
vulnerabilities
xss
html injection
advisory
remote attacker
security center
software
0.001 Low
EPSS
Percentile
27.1%
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) or HTML injection attacks.
For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-web-multi-7kvPmu2F [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-web-multi-7kvPmu2F”]
Affected configurations
Node
ciscosmall_business_ip_phone_firmwareMatchany
ORciscosmall_business_ip_phone_firmwareMatchany
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco small business ip phones | eq | any | |
| cisco small business ip phones | eq | any |
Related
prion
prion
Design/Logic Flaw
2023-08-03 22:15:00
Input validation
2023-08-03 22:15:00
cvelist
cvelist
CVE-2023-20181
2023-08-03 21:22:47
CVE-2023-20218
2023-08-03 21:20:29
cve
cve
CVE-2023-20218
2023-08-03 22:15:11
CVE-2023-20181
2023-08-03 22:15:10
nvd
nvd
CVE-2023-20218
2023-08-03 22:15:11
CVE-2023-20181
2023-08-03 22:15:10